Podcasts about GraphQL

How do you intelligently surface access to your database? While at NDC Toronto, Richard spoke with Jerry Nixon about Data API Builder, Microsoft's tool that enables data professionals using Microsoft databases, including SQL Server, Postgres, CosmosDB, and MySQL, to provide an API layer with security, schema extraction, and governance policies. You can expose the API as a REST interface, a GraphQL interface, and an MCP server! This is a powerful tool for providing controlled access to data while still allowing for ad-hoc access. The potential is huge - you need to check it out! Links Data API Builder GraphQL Recorded May 7, 2026

Java 26 est là, GraalVM cartonne chez Trivago (43 à 12 réplicas !), OpenJDK interdit le code généré par LLM, Spring et Quarkus enchaînent les releases. Côté IA : ADK 1.0, A2A, Lyria 3 chante (mal ?), Yann LeCun lance Ami Labs et ses World Models. Mythos d'Anthropic fait trembler la sécu, Claude Code a leaké son source, et les git worktrees envahissent vos terminaux. Bonus : la mort annoncée de l'IDE, vagues de licenciement chez Oracle et Block, et nos voix toutes clonées. Bon week-ends de mai ! Enregistré le 7 mai 2026 Téléchargement de l'épisode LesCastCodeurs-Episode-340.mp3 ou en vidéo sur YouTube. News Langages Retour d'expérience d'une migration vers graalVM chez Trivago https://medium.com/graalvm/inside-trivagos-graalvm-migration-native-image-for-graphql-at-scale-912bca9df841 La passerelle GraphQL de Trivago (point d'entrée de tout le trafic vers 48 microservices) souffrait de pics de timeout au démarrage JVM Résultats spectaculaires après migration vers GraalVM Native Image : réduction des réplicas de 43 à 12, CPU de 15 à 5 cœurs, images Docker plus légères Obstacles techniques : incompatibilité Log4j → migration vers Logback, remplacement de Mockk par Testcontainers, compilation CI/CD très gourmande Netflix DGS et d'autres librairies manquaient de support GraalVM → l'équipe a contribué des correctifs upstream en open source Approche recommandée : commencer par les services les moins complexes, investir massivement dans les tests automatisés À la 14e migration, le processus était si rodé qu'il allait plus vite que la toute première tentative OpenJDK Interim Policy on Generative AI - https://openjdk.org/legal/ai OpenJDK adopte une politique intérimaire interdisant toute contribution incluant du contenu généré par des LLMs, modèles de diffusion ou systèmes deep-learning Le périmètre est large : code source, texte, images dans les dépôts Git, pull requests GitHub, emails, pages wiki et issues JBS Les contributeurs peuvent utiliser les outils d'IA de manière privée pour comprendre, déboguer et relire le code OpenJDK, mais ne peuvent pas contribuer le contenu généré Trois risques justifient cette politique : surcharge des relecteurs face au code plausible mais incorrect, risques de sûreté/sécurité pour une plateforme critique, et risques de propriété intellectuelle (l'OCA exige que les contributeurs possèdent les droits IP de leurs contributions) Même éditer partiellement du code AI-généré ne le rend pas acceptable à la contribution Oracle, sponsor corporatif d'OpenJDK, travaille sur une politique complète à soumettre au Governing Board GraalVM Native Image et la Closed-World Assumption en Java https://pvs-studio.com/en/blog/posts/java/1357/ Un bon article de rappel du contexte de closed world en Java GraalVM Native Image compile les applications Java en exécutables natifs statiques, sans JVM au runtime. La JVM fonctionne en monde ouvert : les classes sont chargées à la demande, les appels sont des références symboliques résolues dynamiquement. Native Image impose la "closed-world assumption" : tous les chemins d'exécution doivent être connus à la compilation. Les fonctionnalités dynamiques Java (réflexion, proxies, chargement de classes) créent des chemins cachés invisibles à l'analyse statique. C'est pourquoi Native Image exige des fichiers de configuration explicites pour la réflexion, les proxies, les ressources et la FFM API. L'article illustre le problème avec la Foreign Function & Memory API pour appeler printf natif : fonctionne sur JVM, échoue en Native Image sans config. Inclure tout le bytecode accessible serait inutilisable : binaire géant, compilation très lente, et la réflexion nécessite des métadonnées précises. La configuration n'est pas un défaut de conception mais une conséquence logique du passage du dynamique au statique. Java 26 : les nouveautés https://foojay.io/today/java-26-whats-new/ Java est le langage de la JVM, publié tous les 6 mois depuis Java 9 ; Java 26 est une version non-LTS avec 10 JEPs. JEP 500 : protection des champs final modifiés par réflexion profonde, avec des avertissements configurables. JEP 504 : suppression définitive de l'API Applet, plus supportée par les navigateurs. JEP 516 : le cache AOT (Project Leyden) fonctionne désormais avec n'importe quel garbage collector. JEP 517 : support HTTP/3 dans le client HTTP, HTTP/2 reste le défaut mais HTTP/3 est accessible à la demande. JEP 522 : amélioration du débit du GC G1 en réduisant la synchronisation entre threads applicatifs et threads GC. Nouveau support des UUIDv7 via UUID.ofEpochMillis(), naturellement triables et adaptés aux identifiants de bases de données. Process devient AutoCloseable, utilisable dans un try-with-resources. Aucune fonctionnalité en preview n'est graduée en standard ; Structured Concurrency en est à sa 6e preview. Librairies Guillaume a créé une petite librairie Java sans dépendance pour extraire le JSON d'une réponse d'un LLM un peu verbeux https://glaforge.dev/posts/2026/03/22/extracting-json-from-llm-chatter-with-jsonspotter/ Les LLM génèrent souvent du JSON, mais il est parfois entouré de bla-bla et/ou contient des erreurs (ex: commentaires, virgules finales) qui bloquent les parseurs JSON standards. Guillaume a créé une petite librairie légère sans dépendance pour localiser et extraire la structure la plus longue ressemblant à du JSON (même malformé) On peut ensuite passé cette chaîne à un parseur "lénient" (plus tolérant) comme Jackson pour ensuite avoir de bons vieux objets Java fortement typés Librairie dispo sur Maven Central ADK Java sort sa version 1.0 (Agent Development Kit par Google) https://developers.googleblog.com/announcing-adk-for-java-100-building-the-future-of-ai-agents-in-java/ ADK est un framework open source de Google pour créer des agents IA, initialement en Python, maintenant multi-langages (Python, Java, Go, Typescript). Nouvelles fonctionnalités majeures : Outils puissants : GoogleMapsTool, UrlContextTool, ContainerCodeExecutor, VertexAiCodeExecutor, abstraction ComputerUseTool. Architecture de plugins centralisée : Nouveau conteneur App pour gérer les Plugins à l'échelle de l'application (ex: LoggingPlugin, GlobalInstructionPlugin). Context engineering amélioré : Compaction d'événements pour gérer la taille des fenêtres de contexte (résumé et rétention). Human-in-the-Loop (HITL) : Supporte les workflows ToolConfirmation pour approbation humaine des actions d'agent. Services de session et de mémoire : Contrats clairs pour la gestion de l'état (InMemory, VertexAI, Firestore) et la mémoire à long terme. Support Agent2Agent (A2A) : Collaboration native entre agents distants de différents frameworks via le protocole A2A. Dans cet autre article, Guillaume partage comment il a développé l'application Comic Trip montrée dans la vidéo YouTube et qui utilise ADK 1.0 https://glaforge.dev/posts/2026/03/30/building-my-comic-trip-agent-with-adk-java-1-0/ Nouvelle version du SDK Java pour Agent2Agent Protocol, avec le support de la version 1.0 de la spécification https://medium.com/google-cloud/a2a-java-sdk-1-0-0-beta1-released-e83c414b34cc Alignement avec la version 1.0 de la spécification Nouveau groupId org.a2aproject.sdk et package org.a2aproject.sdk Protocoles de transport : support complet et équivalent pour JSON-RPC, gRPC et HTTP+JSON/REST. Gestion des erreurs : introduction de codes d'erreur et détails structurés pour une meilleure observabilité. Optimisation HTTP : ajout d'en-têtes de cache pour les métadonnées des agents (Agent Card). Flexibilité du client HTTP : support par défaut du JDK HttpClient, avec option Vert.x pour les environnements Quarkus. Nouvelles fonctionnalités techniques : méthode DataPart.fromJson() pour la création simplifiée d'objets depuis du JSON brut. Prochaines étapes (v1.0.0.GA) : support simultané des versions 1.0.0 et 0.3.0 du protocole pour assurer l'interopérabilité. JPA 4.0 Milestone 2 : nouvelles fonctionnalités pour Jakarta Persistence https://in.relation.to/2026/04/23/JPA-4-M2/ Jakarta Persistence (JPA) est la spécification standard Java pour le mapping objet-relationnel (ORM), implémentée notamment par Hibernate. JPA 4.0 M2 est la deuxième milestone de la prochaine version majeure de la spécification, annoncée par Gavin King. Construction de requêtes Criteria à partir de chaînes JPQL, offrant plus de flexibilité dans la composition dynamique des requêtes. Nouveaux types d'expressions spécialisés (TextExpression, NumericExpression) pour simplifier l'écriture des requêtes Criteria. Nouvelle interface FetchOption pour contrôler explicitement la stratégie de chargement des associations, dont un BatchSize intégré. Nouvelle annotation @EntityListener qui découple les classes entités de leurs listeners, supprimant les dépendances à la compilation. Les listeners peuvent cibler plusieurs types de callbacks et s'appliquer globalement à toute l'unité de persistance. Introduction de FlushModeType.EXPLICIT et QueryFlushMode pour un contrôle plus fin de la synchronisation avec la base de données. La méta-annotation @Discoverable permet de placer des annotations comme @NamedQuery sur n'importe quelle classe ou interface. Améliorations du DDL via @Index amélioré et clarifications de la spécification via la javadoc. Quarkus 3.35 : tree-shaking, PGO et AOT Semeru https://quarkus.io/blog/quarkus-3-35-released/ Quarkus est un framework Java cloud-natif optimisé pour GraalVM et HotSpot, conçu pour les microservices et les environnements conteneurisés. Nouveau JAR tree-shaking expérimental : analyse des dépendances à la compilation pour supprimer les classes inutilisées. Sur le CLI Quarkus, cela supprime plus de 6 000 classes et économise environ 18 Mo (39,5 %). Support du Profile-Guided Optimization (PGO) pour les builds natifs via quarkus.native.pgo.enabled=true. Le PGO est une fonctionnalité Oracle GraalVM, non disponible dans la Community Edition. Support de l'AOT IBM Semeru : le démarrage passe de ~380 ms à ~190 ms dans les premiers tests. Nouvelle extension quarkus-reactive-transactions : support de @Transactional pour les méthodes Hibernate Reactive retournant Uni. Configuration CORS dédiée pour l'interface de management, indépendante de l'interface HTTP principale. Les tests n'utilisent plus les System Properties pour la propagation de configuration, facilitant la parallélisation future. Le serializer jackson sans reflection n'est pas le default du aux retours de cas limites, encore du travail This Week in Spring - 21 avril 2026 https://spring.io/blog/2026/04/21/this-week-in-spring-april-21-2026 Spring Framework 6.2.18 et 7.0.7 corrigent trois failles de sécurité : DoS via fichiers multipart WebFlux, empoisonnement de cache de ressources statiques, et DoS sur Windows. Le support open source de Spring Framework 5.3.x et 6.1.x est terminé, la migration est recommandée. Spring Data 2026.0.0-RC1 introduit l'upsert (MERGE/INSERT ON CONFLICT) dans l'API Template de Spring Data Relational. Spring Data ajoute un RedisMessageSendingTemplate pour la cohérence avec les listeners Redis, et une optimisation de réinitialisation de caches en un seul appel. Spring AI introduit une Session API (série Agentic Patterns, partie 7) : architecture event-sourcée pour la mémoire des agents IA. La Session API supporte la compaction turn-safe, l'isolation de sous-agents en parallèle, et la persistence JDBC (PostgreSQL, MySQL, MariaDB, H2). Elle vise Spring AI 2.1 (novembre 2026) et remplacera à terme l'API ChatMemory. Spring Vault 4.1.0-RC1 et 4.0.2 sont disponibles. Netflix a présenté son usage de Java, Spring Boot et Spring AI dans une vidéo. This Week in Spring - 28 avril 2026 https://spring.io/blog/2026/04/28/this-week-in-spring-april-28-2026 Cette série hebdomadaire de Josh Long compile les nouveautés de l'écosystème Spring : articles, outils, podcasts et annonces de la communauté. Spring Boot 4 introduit un package natif de résilience org.springframework.resilience avec une nouvelle API de retry qui remplace les approches fragiles via Spring Retry ou Resilience4j. L'API retry native de Spring Boot 4 a des noms d'attributs et sémantiques différents des anciennes bibliothèques, rendant les tutoriels pré-2025 obsolètes et sources de bugs silencieux. Le SDK Spring AI pour Amazon Bedrock AgentCore est disponible en GA : il intègre les capacités AgentCore dans Spring AI via annotations et auto-configuration. Le SDK AgentCore gère automatiquement le contrat runtime AgentCore : endpoint /invocations, health check /ping, SSE avec backpressure. Il offre mémoire court terme (sliding window) et long terme (sémantique, préférences, résumé, épisodique), ainsi que des outils pour navigateur et exécution de code en sandbox. Un plugin Maven (Nullability Maven Plugin) simplifie l'intégration de JSpecify et NullAway pour enforcer la null-safety à la compilation dans les projets Java. Le plugin génère automatiquement les fichiers package-info.java par package et configure le compilateur pour traiter les violations de nullabilité comme des erreurs. Josh Long et Dr. Venkat Subramaniam ont co-présenté à Voxxed Days Amsterdam sur "Intelligent Kotlin", avec un épisode de podcast associé. Cloud Amazon S3 Files https://aws.amazon.com/about-aws/whats-new/2026/04/amazon-s3-files/ Amazon S3 Files est un nouveau service donnant un accès système de fichiers direct aux données stockées dans les buckets S3 Basé sur la technologie Amazon EFS, il supprime la barrière entre stockage objet et interface système de fichiers sans dupliquer les données Débit en lecture pouvant atteindre plusieurs téraoctets par seconde ; des milliers de ressources de calcul peuvent y accéder simultanément Les données restent accessibles via les deux interfaces : S3 API classique et système de fichiers standard, sans migration nécessaire Cas d'usage : agents IA pour la persistance de mémoire entre pipelines, équipes ML sans staging, simplification des data lakes Disponible dans 34 régions AWS Data et Intelligence Artificielle Comment générer de la musique et des clips audio en Java avec le modèle Lyria 3 https://glaforge.dev/posts/2026/03/25/generating-music-with-lyria-3-and-the-gemini-interactions-java-sdk/ Génération musicale avec Lyria 3 (DeepMind) et le SDK Java Gemini Interactions. Lyria 3 : modèle d'IA générative pour créer musique avec paroles ou pistes instrumentales. Utilisation via le SDK Java de l'API Gemini, nécessite une clé API Gemini. Deux versions de modèle Lyria 3 : lyria-3-clip-preview : Clips courts (30s), extraits. lyria-3-pro-preview : Chansons complètes (jusqu'à 3 min), structurées. Personnalisation via les prompts : Fournir ses propres paroles ou les faire générer. Contrôler la structure de la chanson ([Intro], [Verse], [Chorus], [Outro]). Générer des morceaux instrumentaux uniquement. Utiliser des images comme source d'inspiration (modèle multimodal). Sortie : Audio (MP3) et texte (paroles/structure) directement, sans décodage complexe. Facilite l'intégration de la génération musicale dans les applications Java. Les world model, la prochaine étape pour les IA https://www.lepoint.fr/sciences-nature/comment-le-commando-de-yann-le-cun-se-prepare-a-ringardiser-les-geants-mondiaux-de-lia-depuis-paris-OZVUWTDYBNE25C6WF44265ZQKE/ Yann LeCun a quitté Meta FAIR pour créer AMI Labs (Advanced Machine Intelligence) basée à Paris Sa thèse : les LLMs ne mèneront pas à l'intelligence générale, la vraie IA doit partir de la compréhension du monde physique AMI Labs a levé 1,03 milliard de dollars en seed (le plus grand seed round de l'histoire européenne) à 3,5 milliards de valorisation Les world models apprennent à prédire et comprendre la réalité physique plutôt qu'à prédire le prochain token d'une séquence Slogan d'AMI : "Real intelligence does not start in language. It starts in the world." Paris comme base stratégique pour challenger la Silicon Valley dans la prochaine rupture de l'IA Debezium 2026 : résultats du sondage communautaire https://debezium.io/blog/2026/04/27/debezium-2026-survey-results/ Debezium est un outil de Change Data Capture (CDC) open source qui capture les modifications de bases de données en temps réel pour les diffuser vers des systèmes comme Kafka. 98,6% des répondants utilisent Debezium activement ou prévoient de le faire dans l'année, avec 91,3% déjà en production. 63,8% des déploiements tournent sur Kubernetes, 60,9% utilisent Kafka Connect auto-géré, et 17,4% restent sur des VMs ou bare metal. Helm charts est l'approche dominante pour la gestion de configuration, souvent combiné avec GitOps, CI/CD, Ansible ou Terraform. PostgreSQL domine les connecteurs utilisés à 69,6%, suivi de MySQL (33,3%), SQL Server (29%) et Oracle (27,5%). Les volumes de changements capturés vont de 1-25 modifications par minute jusqu'à 1-2 millions par minute selon les environnements. Infinispan rejoint l'écosystème OGX comme fournisseur de stockage vectoriel https://infinispan.org/blog/2026/04/17/infinispan-joins-ogx-ecosystem OGX (anciennement Llama Stack) est un serveur API agentique open source pour construire des applications d'IA complètes. OGX compose des fournisseurs d'inférence, des stores vectoriels, des backends de sécurité, des runtimes d'outils et du stockage de fichiers en un seul serveur déployable. OGX se positionne comme une alternative à l'API OpenAI, déployable sur diverses infrastructures et modèles. OGX cible les workflows RAG (Retrieval-Augmented Generation) et les applications agentiques. Infinispan s'y intègre comme fournisseur de vector IO, apportant recherche vectorielle, par mots-clés et hybride. Je n'ai pas entendu parlé de ce renommage, vous le voyez dans vos deploiements ? Outillage cmux un nouveau terminal basé sur Ghostty spécialisé pour les coding agents https://cmux.com/ Application macOS native construite sur le moteur de rendu Ghostty (libghostty), offrant une accélération GPU pour une fluidité maximale Conçu spécifiquement pour le multitâche et les workflows assistés par IA, avec des onglets verticaux affichant la branche Git, le répertoire et les ports actifs Intègre des notifications qui illuminent les panneaux lorsqu'un agent IA (Claude Code, Codex, etc.) nécessite l'attention de l'utilisateur Propose un navigateur web intégré et scriptable qui peut être affiché en écran scindé à côté du terminal via une API Alternative moderne à tmux, ne nécessitant pas de fichiers de configuration complexes ou de préfixes de touches pour la gestion des vitres et des sessions Supporte nativement tous les agents de codage en ligne de commande et permet l'automatisation via une API socket et une interface CLI dédiée Git Worktree comme un chef https://www.metal3d.org/blog/2026/git-worktree-comme-un-chef/ Article par Patrice Ferlet Git Worktree: Travailler sur plusieurs branches simultanément via des répertoires distincts. Évite git stash ou clones multiples pour le changement de contexte rapide. Méthode "bare" (recommandée): Cloner le dépôt en mode bare (ex: .bare). Lier le dossier racine au dépôt bare via un fichier .git. Configurer le remote tracking pour voir toutes les branches distantes. Ajouter des worktrees pour chaque branche (git worktree add ). Avantages: Économie d'espace, source de vérité unique (un git fetch met tout à jour), hooks/configs partagés, sécurité. Conseils: Ne jamais faire de git checkout à l'intérieur d'un worktree. git fetch --all depuis n'importe quel worktree pour tout mettre à jour. git worktree add --detach pour tester des merges temporaires sans créer de branche. Supprimer: git worktree remove puis git worktree prune. Un script wtree est fourni pour automatiser l'initialisation du setup "bare". Améliore considérablement le workflow. L'IDE meurt et vite https://x.com/jdegoes/status/2036931874057314390?s=46&t=C18cckWlfukmsB_Fx0FfxQ Des leaders techniques prédisent la fin rapide de l'IDE traditionnel, remplacé par des interfaces conversationnelles agentiques Le changement de paradigme : le développeur n'écrit plus des lignes de code mais exprime son intention et supervise des agents autonomes Des outils comme Claude Code, Copilot et Cursor transforment déjà radicalement les workflows de développement quotidiens L'IDE centré sur l'éditeur de code perd sa raison d'être quand l'agent lit, modifie et structure le code de manière autonome La transition est comparable au passage du desktop au mobile : les pratiques établies depuis 30 ans remises en question en quelques mois Le source de Claude Code a leaké via probablement le codemap et un site decrit sont fonctionnement https://ccunpacked.dev/ Le 31 mars 2026, Anthropic a accidentellement inclus les sourcemaps dans un package npm de Claude Code, exposant ~512 000 lignes de TypeScript La fuite n'était pas un piratage mais une erreur humaine : un "*.map" oublié dans .npmignore Le site ccunpacked.dev a été lancé pour analyser et visualiser le code source décompressé Le code révèle un agent background permanent nommé "KAIROS", un mode furtif pour cacher les contributions des employés Anthropic à l'open source, et 44 feature flags cachés Une fonctionnalité inédite "Buddy" (animal de compagnie électronique dans le terminal) et un mode "dream" pour l'idéation continue ont été découverts Anthropic a confirmé : "Aucune donnée client sensible n'était impliquée. Erreur humaine dans le packaging de la release." Gemini CLI passe aux agents https://x.com/srithreepo/status/2039794081925382307?s=46&t=GLj1NFxZoCFCjw2oYpiJpw Gemini CLI, l'agent IA open source de Google pour le terminal, introduit des hooks dans sa boucle agentique Les hooks permettent d'exécuter des scripts automatiquement (scanners de sécurité, vérifications de conformité, logging) à chaque étape de l'agent Lancement de Gemini CLI GitHub Actions : un agent autonome pour les repositories qui peut exécuter des tâches de codage de routine Support des MCP servers pour étendre les capacités et des "Agent Skills" pour des workflows spécialisés Mode agent disponible dans VS Code et IntelliJ avec accès aux outils du système de fichiers et terminal Wispr, le speech to text en local sur macOS http://wispr.stormacq.com/ Wispr est une application macOS de dictée vocale entièrement locale, propulsée par Whisper (OpenAI) sur appareil, sans cloud ni tracking Sébastien Stormacq a développé Wispr en un jour et demi sans écrire une seule ligne de code, grâce à Kiro CLI (agent IA Amazon) Disponible en open source sur GitHub et via Homebrew Détection automatique de la langue, insertion du texte au curseur dans n'importe quelle application via un raccourci global En un mois : 19 releases incluant mode mains-libres, suppression des mots de remplissage, auto-envoi pour les chats, et un outil CLI Exemple concret de développement vibe coding produisant un outil de qualité production sans expertise Swift préalable Comment, Gordon, l'assistant spécialisé en Docker est né https://n9o.xyz/posts/202603-building-gordon/ Nuno Coração (n9o.xyz) détaille comment Gordon, l'assistant spécialisé Docker, a été construit sur docker-agent, le runtime d'agents IA open source de Docker écrit en Go Les agents sont définis en YAML déclaratif et distribués comme des artefacts OCI, sans mise à jour binaire nécessaire L'architecture initiale en essaim de 9 agents spécialisés a été abandonnée au profit d'un agent racine unique avec un prompt soigneusement conçu Le modèle utilisé est Claude Haiku 4.5, suffisant après optimisation des prompts Principe clé "show, then do" : toute action de l'agent nécessite une approbation explicite de l'utilisateur La description des outils impacte fortement la précision du LLM : ajouter des outils peut paradoxalement dégrader les performances existantes Le prompt est une spécification détaillée (identité, patterns d'accès fichiers, règles de sécurité) plutôt qu'une simple instruction IBM Bob https://bob.ibm.com/blog/announcing-ibm-bob-launch IBM Bob assistant IA d'IBM pour coder sur de vraies codebases (lancé avril 2026) 5 modes : Ask, Plan, Code, Advanced (MCP), Orchestrator Détecte la complexité du code en temps réel et propose des refactos Fait des revues de code automatiques sur tes branches/issues GitHub Permet d'écrire en langage naturel directement dans l'éditeur Fonctionne aussi en terminal/CLI et dans les pipelines CI/CD Sécurité : approbation manuelle, .bobignore, checkpoints, pas de training sur tes prompts How I use Claude - 50 tips pratiques https://www.youtube.com/watch?v=mZzhfPle9QU Staff Engineer Meta partage 50 tips après 6 mois d'utilisation intensive de Claude Code Basé sur ~12h/jour d'usage perso et professionnel Couvre tout : bases, workflows avancés, parallélisation Objectif : partager ce qu'il aurait voulu savoir dès le départ Méthodologies Quelqu'un rale sur la non soutenabilité des bases de code écritent avec des agents https://mariozechner.at/posts/2026-03-25-thoughts-on-slowing-the-fuck-down/ Mario Zechner estime que les agents IA font les mêmes erreurs répétitivement sans apprendre, accumulant la complexité à grande vitesse faute de bottlenecks humains Sans vision globale, les agents créent du cargo-cult : les "best practices" de l'industrie appliquées localement sans cohérence architecturale La croissance de la base de code dégrade la capacité des agents à retrouver le code existant → duplication et incohérences croissantes Il cite des pannes AWS et des initiatives qualité Microsoft comme signes préoccupants liés au code généré par IA Solution : réserver les agents aux tâches délimitées et évaluables, garder l'architecture, les APIs et les systèmes critiques écrits à la main Maintenir une revue de code rigoureuse et traiter les humains comme les gardiens finaux de la qualité On m'oblige à utiliser l'IA https://n.survol.fr/n/on-moblige-a-utiliser-lia Éric D. défend l'adoption obligatoire de l'IA comme décision stratégique légitime, comparable au choix du full remote ou de la stack technique Il distingue la décision stratégique (adoption IA) de la méthode d'accompagnement (qui reste collaborative et bienveillante) La compétence IA devient un critère de recrutement : chercher des candidats déjà curieux et explorateurs de ces outils L'alignement culturel sur les pratiques et outils est un prérequis à la cohésion d'équipe Le refus d'adopter certains outils stratégiques peut justifier de ne pas recruter un candidat autrement compétent Encore une metodo SPDD https://martinfowler.com/articles/structured-prompt-driven/ Problème : l'IA accélère le dev individuel mais amplifie ambiguïtés et incohérences à l'échelle d'une équipe. martinfowler SPDD : traiter les prompts comme des artefacts versionnés, révisables et réutilisables plutôt que des échanges jetables. martinfowler Canvas REASONS : 7 dimensions (Requirements, Entities, Approach, Structure, Operations, Norms, Safeguards) pour guider le LLM de l'intention à l'exécution. martinfowler Workflow en 6 étapes : exigences → analyse → contexte → prompt structuré → code → tests unitaires, chaque étape s'appuyant sur la précédente. martinfowler 3 compétences clés : abstraction d'abord, alignement de l'intention, revue itérative. martinfowler Limites : fort ROI sur du code métier complexe, peu adapté aux hotfixes urgents, scripts jetables ou travail créatif/visuel. m Sécurité Le projet Glasswing pour sécuriser les logiciels https://www.anthropic.com/glasswing Anthropic lance Glasswing, une initiative de cybersécurité utilisant Claude Mythos Preview pour identifier des vulnérabilités zero-day 12 partenaires fondateurs dont AWS, Apple, Cisco, CrowdStrike, Google, JPMorganChase, Linux Foundation, Microsoft et NVIDIA Anthropic investit 100 millions de dollars en crédits de modèle et 4 millions en dons aux organisations de sécurité open source Le modèle opère avec une autonomie substantielle, identifiant des milliers de vulnérabilités dans les OS, navigateurs et infrastructures critiques Plus de 40 organisations supplémentaires ont accès pour scanner et sécuriser leurs systèmes Objectif : donner l'avantage aux défenseurs avant que les techniques de hacking assistées par IA ne se généralisent chez les attaquants LinkedIn vous espionne https://frenchbreaches.com/blog/linkedin-est-accuse-de-fouiller-dans-votre-ordinateur-illegalement Scandale "BrowserGate" : LinkedIn injecte du JavaScript qui tente de détecter les extensions Chrome installées sur votre navigateur Le script analysé contient une liste codée en dur de 6 222 extensions Chrome avec identifiants et chemins de fichiers internes Croissance alarmante de la liste ciblée : 38 extensions en 2017 → 461 en 2024 → ~1 000 en mai 2025 → 6 222 début 2026 Les données collectées incluent aussi CPU, RAM, résolution d'écran, timezone et état batterie pour du fingerprinting Certaines extensions ciblées sont liées à la neurodivergence, aux pratiques religieuses ou aux opinions politiques → violation grave du RGPD LinkedIn défend que le scan vise uniquement à détecter les extensions qui pratiquent le scraping de données Post mortem de la supply chain attack sur la librairie NPM axios https://github.com/axios/axios/issues/10636 Le 31 mars 2026, deux versions malveillantes d'axios (1.14.1 et 0.30.4) ont été publiées via un compte mainteneur compromis Vecteur d'attaque : RAT installé via ingénierie sociale ciblée sur la machine personnelle du mainteneur principal La 2FA ne protège pas si la machine de l'utilisateur est compromise : l'attaquant contrôle tout et peut agir comme l'utilisateur Les packages malveillants injectaient plain-crypto-js@4.2.1, un cheval de Troie multi-plateforme (macOS, Windows, Linux) Détection communautaire en ~3 heures, suppression par npm, mesures correctives : rotation complète des credentials Changements préventifs : publication via OIDC, releases immuables, amélioration des pratiques GitHub Actions Passbolt un gestionnaire de mots de passe open source https://lesjoiesducode.fr/passbolt-gestionnaire-de-mots-de-passe-gratuit-open-source-que-votre-equipe-merite-vraiment Gestionnaire de mots de passe open source conçu pour le partage d'identifiants en équipe, utilisé par plus de 50 000 organisations Chiffrement individuel par utilisateur et par version de credential, pas de coffre-fort partagé — architecture zero-knowledge "Forward secrecy" : quand un membre quitte l'équipe, ses copies chiffrées sont automatiquement révoquées sans reset manuel Supporte TOTP, clés SSH, tokens API et champs personnalisés avec piste d'audit complète de tous les accès Édition communautaire entièrement gratuite avec utilisateurs illimités, auto-hébergeable ou cloud Chiffrement OpenPGP nécessitant passphrase + clé privée, avec tokens visuels anti-phishing Loi, société et organisation Anthropic fait un don d'1,5 millions de dollars à la fondation Apache https://news.apache.org/foundation/entry/the-apache-software-foundation-announces-1-5m-donation-from-anthropic Anthropic donne 1,5 million de dollars à l'ASF pour soutenir l'infrastructure, la sécurité et la communauté open source Vitaly Gudanets (CISO d'Anthropic) : "Soutenir l'ASF est un investissement direct dans la résilience et l'intégrité des systèmes dont dépend l'IA moderne" Les fonds financeront les systèmes de build, les processus de sécurité et les services aux projets Apache Ce don est le déclencheur de l'initiative IA responsable à 10 millions de dollars de l'ASF L'infrastructure Apache est invisible mais critique : des systèmes financiers aux plateformes de santé, elle sous-tend l'écosystème logiciel mondial L'ASF lance l'initiative IA responsable https://news.apache.org/foundation/entry/the-apache-software-foundation-launches-10m-responsible-ai-initiative-with-initial-1-75m-donation L'ASF lance une initiative pour une IA responsable dotée d'un budget de 10 millions de dollars sur 3 ans minimum Anthropic est le premier donateur avec 1,5 million de dollars ; Alpha-Omega contribue 250 000 dollars L'initiative fournit aux projets Apache un accès à des modèles IA pour l'expérimentation et la sécurité Elle soutient l'ensemble de la chaîne IA/ML : pipelines de données, infrastructure, frameworks de deep learning Des tracks de conférences, hackathons et bourses de voyage sont prévus pour élargir la communauté Les principes directeurs incluent la supervision humaine, l'intégrité des licences et la sécurité open source Oracle vire 30000 personnes https://rollingout.com/2026/03/31/oracle-slashes-30000-jobs-with-a-cold-6/ Oracle licencie 20 000 à 30 000 employés, 18% de ses effectifs mondiaux. Les salariés ont appris leur licenciement par un simple email à 6h du matin, sans aucun préavis. L'accès à tous les systèmes (Slack, Zoom, badges) a été coupé immédiatement après. But : libérer 8 à 10 milliards de dollars pour construire des centres de données IA. Oracle a déjà contracté 50 milliards de dettes en 2026 pour financer ses projets IA. Paradoxe : l'entreprise affiche un bénéfice record de 6,13 milliards, mais ses liquidités sont dans le rouge. L'action Oracle a perdu plus de la moitié de sa valeur depuis septembre 2025. Et si l'IA n'était qu'un prétexte pour licencier https://eventuallycoding.com/p/ia-licenciements-et-si-l-intelligence-artificielle-n-etait-qu-une-excuse Hugo Lassiège (eventuallycoding) estime que les entreprises utilisent l'IA comme narratif commode pour masquer des erreurs de gestion passées (Block a triplé ses effectifs post-COVID sans croissance des revenus correspondante) Moins de 1% des licenciements technologiques seraient réellement dus à des gains de productivité IA selon les analyses citées Mesurer la productivité des développeurs reste un problème non résolu, mais les entreprises affirment des gains d'efficacité sans preuves Des pressions économiques réelles (inflation, guerres commerciales, coûts énergétiques) sont masquées derrière le discours IA Les restructurations nécessaires sont présentées comme des transformations AI-driven positives pour rassurer les investisseurs Il y voit une fenêtre d'opportunité pour l'Europe pendant que les géants américains se restructurent GitHub Copilot va utiliser les interacitons pour entrainer ses modèles sauf si vous vous délistez https://github.blog/news-insights/company-news/updates-to-github-copilot-interaction-data-usage-policy/ À partir du 24 avril 2026, GitHub utilise par défaut les interactions des utilisateurs Copilot Free, Pro et Pro+ pour entraîner ses modèles Les données collectées incluent le code accepté ou modifié, les snippets envoyés, les noms de fichiers et structures de dépôts, et les retours utilisateurs Les utilisateurs Copilot Business, Enterprise et les dépôts d'entreprise sont exclus de cette collecte de données d'entraînement Opt-out disponible dans les paramètres GitHub > "Privacy" ; les préférences de désactivation préalables sont conservées automatiquement Objectif déclaré : améliorer la précision des modèles sur les langages et cas d'usage du monde réel Grosse percée de Claude Code dans les commits sur GitHub https://aifoc.us/damn-claude-thats-a-lot-of-commits/ Explosion de Claude Code : En six mois, Claude Code est passé de 0,7 % à 4,5 % de tous les commits publics sur GitHub, surpassant tous les autres outils d'IA combinés. Adoption massive des agents IA : Environ 5 % des commits publics sur GitHub sont désormais générés par des agents IA, un chiffre en croissance rapide depuis fin 2025. Domination des bots sur GitHub : Au-delà des commits, les outils d'IA sont omniprésents dans la gestion des pull requests et des problèmes (Copilot et CodeRabbit notamment). Limites méthodologiques : Les données ne concernent que les dépôts publics (les entreprises utilisent massivement des dépôts privés, invisibles ici). Le comptage dépend fortement de la visibilité des signatures (certains outils comme Claude marquent systématiquement leurs commits, d'autres non) L'API de recherche GitHub présente une fiabilité variable à cette échelle. Changement de paradigme : Le développement logiciel vit une transition majeure, comparable au passage du desktop au mobile. L'intégration des agents IA dans le cycle de production n'est plus une expérimentation, mais une réalité opérationnelle à grande échelle. Dysmaths une application pour aider à apprendre les mathématiques et la géométrie lorsque l'on souffre de dyspraxie, dysgraphie https://dysmaths.com/ Application web pour aider les élèves de collège et lycée souffrant de dysgraphie et dyspraxie à faire des maths et de la géométrie Outils de dessin à main levée, géométrie précise (compas, rapporteur, règle) et opérations structurées (fractions, racines, puissances, symboles mathématiques) Export PDF et PNG avec conservation fidèle de l'échelle pour l'impression et la soumission des exercices Options d'accessibilité : police OpenDyslexic, personnalisations d'interface, import d'images et de PDFs Répond à un besoin réel : les outils standards ne sont pas adaptés aux difficultés de coordination et d'organisation spatiale en mathématiques IA ou réalité ? Par Amistory https://www.youtube.com/watch?v=PPYdAhBBF2I L'IA génère des contenus (images, voix, vidéos) de plus en plus indétectables Les arnaques au clonage de voix et deepfakes sont en forte hausse Les faux contenus viraux manipulent l'opinion à grande échelle Le faux n'est plus un accident, c'est devenu un système organisé La société entre dans une ère de doute généralisé sur le réel Comment s'informer quand le réel lui-même peut être simulé ? Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 6-7 mai 2026 : Devoxx UK 2026 - London (UK) 12 mai 2026 : Lead Innovation Day - Leadership Edition - Paris (France) 12-13 mai 2026 : Lyon Craft - Lyon (France) 19 mai 2026 : La Product Conf Paris 2026 - Paris (France) 19-20 mai 2026 : Green Code Challenge - Paris (France) 21-22 mai 2026 : Flupa UX Days 2026 - Paris (France) 22 mai 2026 : AFUP Day 2026 Lille - Lille (France) 22 mai 2026 : AFUP Day 2026 Paris - Paris (France) 22 mai 2026 : AFUP Day 2026 Bordeaux - Bordeaux (France) 22 mai 2026 : AFUP Day 2026 Lyon - Lyon (France) 27 mai 2026 : aMP Day Strasbourg 2026 - Strasbourg (France) 28 mai 2026 : DevCon 27 : I.A. & Vibe Coding - Paris (France) 28 mai 2026 : Cloud Toulouse 2026 - Toulouse (France) 29 mai 2026 : NG Baguette Conf 2026 - Paris (France) 29 mai 2026 : Agile Tour Strasbourg 2026 - Strasbourg (France) 2-3 juin 2026 : Agile Tour Rennes 2026 - Rennes (France) 2-3 juin 2026 : OW2Con - Paris-Châtillon (France) 3 juin 2026 : IA–NA - La Rochelle (France) 4 juin 2026 : Workplace Intelligence Days - 1ère édition - Lyon (France) 5 juin 2026 : TechReady - Nantes (France) 5 juin 2026 : Fork it! - Rouen - Rouen (France) 6 juin 2026 : Polycloud - Montpellier (France) 9 juin 2026 : JFTL - Montrouge (France) 9 juin 2026 : C: - Caen (France) 9 juin 2026 : France API 2026 - Paris (France) 11-12 juin 2026 : DevQuest Niort - Niort (France) 11-12 juin 2026 : DevLille 2026 - Lille (France) 12 juin 2026 : Tech F'Est 2026 - Nancy (France) 15 juin 2026 : Jupyter Workshops: Demystifying MyST Markdown in Education - Orsay (France) 16 juin 2026 : Mobilis In Mobile 2026 - Nantes (France) 17-19 juin 2026 : Devoxx Poland - Krakow (Poland) 17-20 juin 2026 : VivaTech - Paris (France) 18 juin 2026 : Tech'Work - Lyon (France) 22-26 juin 2026 : Galaxy Community Conference - Clermont-Ferrand (France) 23-24 juin 2026 : MWCP 2026 - Paris (France) 24-25 juin 2026 : Agi'Lille 2026 - Lille (France) 24-26 juin 2026 : BreizhCamp 2026 - Rennes (France) 25-26 juin 2026 : Agile Tour Toulouse 2026 - Toulouse (France) 27 juin 2026 : Asynconf - Paris (France) 2 juillet 2026 : Azur Tech Summer 2026 - Valbonne (France) 2-3 juillet 2026 : Sunny Tech - Montpellier (France) 3 juillet 2026 : Agile Lyon 2026 - Lyon (France) 6-8 juillet 2026 : Riviera Dev - Sophia Antipolis (France) 28-30 août 2026 : State of the Map - Champs-sur-Marne (France) 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 10-11 septembre 2026 : Nantes Craft - Nantes (France) 17 septembre 2026 : dotAI - Paris (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 18 septembre 2026 : dotJS - Paris (France) 18 septembre 2026 : WordCamp Bretagne - Rennes (France) 22 septembre 2026 : Salon Data 2026 - Nantes (France) 22-23 septembre 2026 : Agile en Seine & IA 2026 - Paris (France) 24 septembre 2026 : OWASP AppSec Days France 2026 - Paris (France) 24 septembre 2026 : PlatformCon Paris - Paris (France) 24 septembre 2026 : React Native Connection 2026 - Paris (France) 24-26 septembre 2026 : Paris Web 2026 - Paris (France) 28-29 septembre 2026 : 4th Tech Summit on AI & Robotics - Paris (France) & Online 1 octobre 2026 : WAX 2026 - Marseille (France) 1-2 octobre 2026 : Volcamp - Clermont-Ferrand (France) 2 octobre 2026 : DevFest Perros-Guirec 2026 - Perros-Guirec (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) 12 octobre 2026 : Dev With AI - Paris (France) 27-29 octobre 2026 : Directions EMEA 2026 - Paris (France) 29-30 octobre 2026 : BDX I/O 2026 - Bordeaux (France) 30 octobre 2026 : Cloud Nord 2026 - Lille (France) 4-5 novembre 2026 : Devoxx Morocco - Casablanca (Morocco) 14-15 novembre 2026 : Capitole du Libre - Toulouse (France) 19 novembre 2026 : DevFest Toulouse 2026 - Toulouse (France) 27 novembre 2026 : DevFest Paris 2026 - Paris (France) 1-3 décembre 2026 : Apidays Paris - Paris (France) 4 décembre 2026 : DevFest Lyon 2026 - Lyon (France) 4 décembre 2026 : DevFest Dijon 2026 - Dijon (France) 9-10 décembre 2026 : OpenSource Expérience - Paris (France) 9-10 décembre 2026 : DevOps REX - Paris (France) 10 décembre 2026 : KCD Provence - Aix-en-Provence (France) 7-9 avril 2027 : Devoxx France 2027 - Paris (France) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

In this episode of the Crazy Wisdom Podcast, host Stewart Alsop sits down with Tyler Cloutier, founder of Clockwork Labs and creator of SpaceTimeDB. They explore how SpaceTimeDB functions as more than just a database—it's essentially a distributed operating system that merges server logic with data storage, enabling real-time applications and time-travel capabilities. The conversation ranges from the technical architecture of databases and operating systems to the philosophy of distributed systems, touching on everything from Unix and Linux to how SpaceTimeDB could revolutionize AI-generated software deployment. Tyler explains how their system reduces the complexity of building real-time applications, makes deployment simpler for both humans and AI agents, and why games like their MMORPG BitCraft Online drove them to create this new infrastructure. They also discuss the future of the internet, the role of bots in gaming, and how SpaceTimeDB fits into the broader landscape of cloud computing alongside tools like Cloudflare, Vercel, and Docker. For more information, visit spacetimedb.com or check out Clockwork Labs on GitHub and Twitter.Timestamps00:00 Stewart introduces Tyler Cloutier, founder of Clockwork Labs, discussing the origin of SpaceTimeDB's name inspired by Einstein's theory and its time travel capabilities that store all operations indefinitely05:00 Tyler explains SpaceTimeDB as more of an operating system than a database, using tables instead of file systems while running code in a sandboxed environment with full atomic properties10:00 Discussion of how SpaceTimeDB replaces both Node.js and Postgres by merging web server and database functionality, eliminating separate deployment concerns15:00 Tyler explains JavaScript execution through Chrome's V8 engine and JIT compiling, leading to Node.js creation for server-side JavaScript development20:00 Explanation of stateless web servers versus stateful game servers, and why games require in-memory state management for real-time performance25:00 Tyler introduces reducers and real-time subscriptions, questioning why more applications aren't real-time when state changes should update immediately30:00 Discussion of Facebook as essentially a text-based MMO, comparing social media architecture to game server requirements and the need for unified systems35:00 Tyler explains ACID properties in databases: atomic, consistent, isolated, and durable, using game item trading examples40:00 Comparing SpaceTimeDB to smart contract systems without cryptocurrency or global consensus, positioning it as a smart database with centralized trust45:00 Tyler reveals SpaceTimeDB uses 43% fewer tokens than Postgres for AI-generated applications, making it valuable for vibe coding platforms50:00 Conversation shifts to bots in games and proof-of-human concepts, with Tyler proposing biometric systems and discussing potential in-person gaming applications55:00 Closing discussion about tracking AI-driven traffic through UTM parameters and finding SpaceTimeDB at spacetimedb.comKey Insights1. SpaceTimeDB is fundamentally a database that runs application code directly inside it, combining what traditionally required separate systems like Postgres and Node.js. Users compile their application logic into WebAssembly or JavaScript and upload it to run within the database itself. This architecture provides high performance because the entire server backend operates inside the database environment. The system also features time travel capabilities, storing every operation and change to data persistently and indefinitely, allowing users to set application state back to any earlier point in time. This makes SpaceTimeDB more accurately described as an operating system rather than just a database, where the abstraction is that everything is a table rather than a file.2. The inspiration for SpaceTimeDB came from building BitCraft Online, an MMORPG where all players exist in a single persistent world and rebuild civilization together. Traditional MMO backends required complex custom solutions to handle real-time state, with game servers storing state in memory and periodically writing to databases. This complexity existed because games cannot afford the latency of constantly delegating to distant databases like traditional web applications can. SpaceTimeDB solved this by making the database fast enough to handle real-time requirements directly, eliminating the need for separate game servers. This same performance advantage that benefits games also applies to web applications, which is why SpaceTimeDB evolved from a game-specific tool to a general-purpose platform.3. SpaceTimeDB functions as a distributed operating system where each database acts like a process in an actor model system, similar to Erlang or Scala Akka. Databases can send messages to other databases and be spawned across a cluster for horizontal scaling. This represents an overlay operating system running on top of Linux rather than competing with it, providing a distributed abstraction across many machines while Linux handles device drivers and hardware support. The vision is for the cloud to function as a single enormous computer running one operating system, where developers simply publish their programs without managing separate services, deployment, routing, networking, or persistence infrastructure.4. The real-time capabilities of SpaceTimeDB address a fundamental limitation in how most web applications work today. Traditional web servers are stateless, delegating all state to databases and accepting network round-trip latency for each request, which is why users often must refresh pages to see updates. SpaceTimeDB allows queries to be subscribed to, maintaining open connections that stream changes whenever query results update. This makes applications like Discord, Facebook, or banking systems naturally real-time without requiring page refreshes. The historical accident that more things are not real-time represents a problem SpaceTimeDB solves by unifying the web world with the game world's real-time requirements.5. SpaceTimeDB implements ACID properties—Atomic, Consistent, Isolated, and Durable—ensuring database operations are reliable and safe. Atomic means operations either fully happen or not at all, preventing issues like item duplication in games when trading between players. Consistent means declared invariants like unique usernames are always enforced. Isolated means concurrent operations do not interfere with each other. Durable means changes persist even if computers restart, with varying levels from in-memory on one machine to disk storage across multiple geographic locations. These properties are managed through reducers, functions inspired by React Redux that fold changes into application state incrementally.6. For AI and large language models, SpaceTimeDB offers significant advantages in building and deploying applications. Testing showed that creating applications with SpaceTimeDB uses 43% fewer tokens compared to Postgres implementations, costs less, has fewer bugs, and is easier to extend. This matters because the primary cost for vibe coding platforms is tokens. As more software gets written in the next twelve months than ever before, there is insufficient focus on infrastructure required to run all this AI-generated software. SpaceTimeDB positions itself as ideal for LLMs to target because of its simplified deployment model where developers just publish code and the system handles everything behind the scenes.7. SpaceTimeDB can be understood as a smart contract system without cryptocurrency or global decentralized consensus. Like blockchain smart contracts, it executes code with atomic, consistent, isolated, and durable properties, but avoids the expense and slowness of requiring all computers worldwide to agree on everything. Instead, it offers centralized trust where users trust Clockwork Labs not to modify deployed contracts, rather than the trustless but extremely costly blockchain approach. This makes it functionally similar to Cloudflare's durable objects but with full relational database capabilities. The system exists before the networking layer where Cloudflare operates, handling deployment, server, and database functions while Cloudflare could provide DDoS protection in front of it.

This interview was recorded for the GOTO Book Club.http://gotopia.tech/bookclubLukasz Dynowski - Independent Consultant & Co-Author of "Learning API Styles"Sam Newman - Author of "Building Microservices" & "Monolith to Microservices"Check out more here:https://gotopia.tech/episodes/436RESOURCESLukaszhttps://github.com/ludyn-leohttps://www.linkedin.com/in/ldyniahttps://learningapistyles.comSamhttps://twitter.com/samnewmanhttps://github.com/snewmanhttps://www.linkedin.com/in/samnewmanhttp://samnewman.iohttp://samnewman.io/blogLinkshttps://www.youtube.com/@ldynia1https://www.youtube.com/playlist?list=PLRkB-vSK4koOHYIhpKXuXpipVpByEKuPuhttps://learningapistyles.comhttps://github.com/ldynia/learning-api-styleshttps://nordicapis.com/the-bezos-api-mandate-amazons-manifesto-for-externalizationhttps://dl.acm.org/doi/10.1145/1176617.1176622DESCRIPTIONIn this GOTO Book Club episode, Sam Newman — author of "Building Microservices" — sits down with Lukasz Dynowski, co-author of "Learning API Styles", for a refreshingly low-level deep dive into a subject most developers think they already understand. The book deliberately starts from the network layer up — transmission modes, TCP, protocol stacks — rather than jumping straight to REST and GraphQL, because, as Lukasz explains, most API problems only become visible when you understand the substrate beneath them. The conversation covers the full spectrum: public vs internal APIs, the Bezos API Mandate moment, why treating your API as a product is non-negotiable, and why the choice between binary and textual protocols is never as obvious as performance benchmarks suggest.The real gold comes in two moments. First, Lukasz lays out a crisp checklist for what makes a good API — audience-awareness, maintainability, efficiency, intuitiveness, resilience, security, testability, and documentation that actually matches behavior. Second, Sam shares a war story about a credit derivative system where the only way to figure out who was accessing the database was to turn off the credentials and wait for angry phone calls.The lesson: context shapes every trade-off, there's no universal right answer between REST, gRPC, WebSockets, or messaging, and the best API decision is the one that fits your situation — not the one that fits the conference talk.RECOMMENDED BOOKSLukasz Dynowski • Learning API Styles • https://amzn.to/3PFembKSam Newman • Building Resilient Distributed Systems • https://www.oreilly.com/library/view/building-resilient-distributed/9781098163532Sam Newman • Monolith to Microservices • https://amzn.to/2Nml96ESam Newman • Building Microservices • https://amzn.to/3dMPbOsRonnie Mitra & Irakli Nadareishvili • Microservices: Up and Running• https://amzn.to/3c4HmmLBlueskyInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!

#343: Here's the thing about your company's APIs -- they were built for your own engineers to use inside your own software. Nobody designed them to be the front door. But that's exactly what's happening. Matt DeBergalis, CEO of Apollo GraphQL, makes a pretty compelling case that AI agents are turning internal APIs into the actual interface between companies and customers. Not the website. The APIs themselves. And most of them aren't ready for that. At all. Think about what happens when you point a model at a typical REST API. GitHub's API returns hundreds of fields for a single repository object. Fine when another service is calling it. But a model? All those extra fields are context you're paying for, and they make the model hallucinate. Matt says you need something between the model and all those backend services -- an orchestration layer that takes one request and handles the mess underneath. That's where GraphQL comes in. He draws a parallel that'll land immediately if you've been in this space a while. APIs right now are pets -- handwritten, named, carefully managed. But AI-generated code is about to produce way more microservices, which means way more APIs. They're going to become cattle. And just like containers needed Kubernetes, APIs are going to need declarative infrastructure to manage them at scale. The conversation takes an interesting turn when Darin pushes back on the idea that developers are becoming architects. His take: we're becoming product managers. Matt says both. Viktor throws in code reviewers. Matt's own story backs it up -- he codes more as CEO than he did as CTO, because AI handles the parts he never had time to learn. He doesn't know modern React. Doesn't need to. One more thing that should make any tech company uncomfortable: if AI agents are how customers find you now, what happens to your docs-page-driven acquisition funnel? Apollo's already made the shift -- their first audience for documentation is the models, not the humans.   Matt's contact information: LinkedIn: https://www.linkedin.com/in/debergalis/   YouTube channel: https://youtube.com/devopsparadox   Review the podcast on Apple Podcasts: https://www.devopsparadox.com/review-podcast/   Slack: https://www.devopsparadox.com/slack/   Connect with us at: https://www.devopsparadox.com/contact/

Long-lived software systems rarely stay tidy. Over time they accumulate decisions, workarounds, and layers of history that can make even simple changes feel risky. For engineers responsible for maintaining those systems, the challenge often becomes less about writing new code and more about understanding what already exists. In this episode of Maintainable, Robby Russell speaks with Joel Oliveira, Engineering Manager at ezCater, about what helps software remain understandable and adaptable as it evolves. Joel starts with a principle that often gets overlooked: predictability. When patterns are consistent and code is organized in familiar ways, engineers can navigate a codebase with confidence. Frameworks like Ruby on Rails reinforce this by encouraging shared conventions, making it easier for developers to orient themselves when working in a new application. The conversation also explores how common metrics can be misleading. Test coverage is often treated as a proxy for quality, but Joel explains that it can create a false sense of confidence. Instead, he values testing most as a thinking tool. Practices like test-driven development can help engineers clarify interfaces and better understand the problem before committing to an implementation. Joel also shares a story from ezCater about replacing an aging image-cropping service that had become difficult to maintain and required frequent restarts due to a memory leak. Rather than patch the system again, the team introduced ImageProxy, an open source image processing tool created by Evil Martians. Because the image URLs flowed through a single object in their GraphQL layer, the team could introduce an adapter and gradually route traffic to the new service using feature flags. This allowed them to migrate safely and incrementally instead of relying on a risky “big bang” change. Robby and Joel also discuss how engineers' perspectives shift over time. Early in a career it is easy to look at legacy code and label it as bad. Joel now sees older systems as layers of decisions shaped by real constraints. Approaching them with empathy makes it easier to improve them thoughtfully. The episode closes with advice for engineers maintaining complex systems: frame problems as opportunities. By documenting impact and proposing incremental improvements, teams can steadily move their software toward a healthier future. Maintainable software rarely comes from one heroic refactor. More often, it's the result of many small improvements made by teams who understand their systems and care about how they evolve. Episode Highlights 00:02:18 – Predictability as a Maintainability Feature Joel explains why predictable patterns and conventions make large codebases easier to navigate. 00:07:41 – When Test Coverage Misleads Why high coverage can give a false sense of quality. 00:12:05 – Consulting vs. Product Engineering How switching environments shaped Joel's approach to code. 00:16:32 – Replacing a Legacy Image Service ezCater's migration away from a failing Node-based image service. 00:21:14 – Migrating with Adapters and Feature Flags How the team gradually moved traffic to ImageProxy. 00:26:03 – Developing Empathy for Legacy Code Why older systems deserve understanding, not blame. 00:30:47 – The Shift to Engineering Management Joel reflects on moving from IC work to leading teams. 00:34:52 – Advice for Improving Complex Systems Small, consistent improvements matter more than big rewrites. Thanks to Our Sponsor! Turn hours of debugging into just minutes! AppSignal is a performance monitoring and error-tracking tool designed for Ruby, Elixir, Python, Node.js, Javascript, and other frameworks. It offers six powerful features with one simple interface, providing developers with real-time insights into the performance and health of web applications. Keep your coding cool and error-free, one line at a time!  Use the code maintainable to get a 10% discount for your first year. Check them out! Links / References Joel Oliveira — LinkedIn Joel Oliveira — Website Joel Oliveira — Mastodon (@jayroh) ezCater ImageProxy Subscribe to Maintainable on:Apple PodcastsSpotifyOr search "Maintainable" wherever you stream your podcasts.Keep up to date with the Maintainable Podcast by joining the newsletter.

Hi, Spring fans! In this installment, I talk to Jennifer Reif, developer advocate at Neo4J, about graph RAG, graph databases, GraphQL, Neo4J, Spring Data Neo4J, and more. #neo4j #graphRag #AI #artificialintelligence

Engineering teams often build microservices as their systems grow, but over time this can lead to a fragmented ecosystem with scattered data access patterns, duplicated business logic, and an uneven developer experience. A unified data graph with a consistent execution layer helps address these challenges by centralizing schema, simplifying how teams compose functionality, and reducing The post Airbnb's Open-Source GraphQL Framework with Adam Miskiewicz appeared first on Software Engineering Daily.

Engineering teams often build microservices as their systems grow, but over time this can lead to a fragmented ecosystem with scattered data access patterns, duplicated business logic, and an uneven developer experience. A unified data graph with a consistent execution layer helps address these challenges by centralizing schema, simplifying how teams compose functionality, and reducing The post Airbnb's Open-Source GraphQL Framework with Adam Miskiewicz appeared first on Software Engineering Daily.

In this episode of the Liquid Weekly Podcast, hosts Karl Meisterheim and Taylor Page recap Taylor's trip to New York City for the exclusive Shopify Winter Editions meetup. They break down the "Agentic Commerce" hype, the realities of the new Universal Commerce Protocol (UCP), and why the best way to optimize for AI is actually just using Standard Category Metafields.The episode features on-the-ground interviews with key Shopify staff members, including Liam Griffin, Darius (Senior Product Lead, Dev Platform), and Eitan (Shopify Flow team), offering deep dives into the new developer tools, Shop Minis, and the future of Shopify Flow.Interviews & Highlights Liam Griffin: Discusses the Model Context Protocol (MCP) for developers, using AI for mundane tasks like REST-to-GraphQL migration, and the "Pokemon generation" explosion of Shop Minis (including a virtual sommelier!). Darius: Breaks down the Universal Commerce Protocol (UCP), how the Catalog API works with agents, and why "Agentic Engine Optimization" isn't about hacks—it's about clean data and taxonomy. Eitan: Covers the "Flow 3.0" feel with new Sidekick-generated workflows, the highly anticipated testing layer, and moving toward declarative UIs.Timestamps00:00 Introduction, Stickers, and Winter Storm Stories06:40 Taylor's NYC Editions Trip Recap20:45 Key Takeaways: Agentic Commerce & UCP Realities31:00 Live Demo: Shopify Flow Sidekick Generation & Testing Layer38:30 Developer Tip: Running Queries from Dev Docs in GraphiQL43:00 Interview: Liam Griffin (Dev MCP, Shop Minis, Dev Forums)55:20 Interview: Darius (Universal Commerce Protocol, Metaobject Limits, Catalog API)01:07:50 Interview: Eitan (Shopify Flow Updates)01:20:30 Dev Changelog Highlights01:25:00 Picks of the WeekDev Changelog New article list input settings for themes: Link Migrate metafields with Shopify App Import custom data definitions: Link [Action Required] Shop Minis development now requires partner account permissions: Link [Action Required] Standardization of asset_url version params: Link Shopify App extensions now support Admin and Theme App Extensions: Link [Action Required] Ensuring POS UI extension stability by hardening callback handling: LinkPicks of the Week Karl: MagiQuest at Great Wolf Lodge – An interactive live-action game that turns the water park lodge into a questing adventure. Taylor: DJI Mic 3 – Wireless microphones that offer professional audio quality and ease of use for field recordings and interviews.Sign Up for Liquid WeeklyDon't miss out on expert insights and tips—subscribe to Liquid Weekly for more content like this: https://liquidweekly.com/

This interview was recorded for the GOTO Book Club.http://gotopia.tech/bookclubCheck out more here:https://gotopia.tech/episodes/416Martin Štefanko - Quarkus Core Engineer at IBM & Co-Author of "Quarkus in Action"Jan Martiška - Software Engineer Quarkus at IBM & Co-Author of "Quarkus in Action"Holly Cummins - Senior Technical Staff Member, Quarkus at IBMRESOURCESMartinhttps://bsky.app/profile/xstefank.bsky.socialhttps://mastodon.cloud/@xstefankhttps://x.com/xstefankhttps://github.com/xstefankhttps://www.linkedin.com/in/martin-stefankoJanhttps://bsky.app/profile/janmartiska.bsky.socialhttps://x.com/janmartiskahttps://github.com/jmartiskhttps://www.linkedin.com/in/janmartiskaHollyhttps://hollycummins.comhttps://hollycummins.com/type/bloghttps://bsky.app/profile/hollycummins.comhttps://hachyderm.io/@holly_cumminshttps://twitter.com/holly_cumminshttps://github.com/holly-cumminshttps://linkedin.com/in/holly-k-cumminsLinkshttps://code.quarkus.iohttps://vaadin.comDESCRIPTIONHolly Cummins sits down with Martin Stefanko and Jan Martiška, authors of "Quarkus in Action", to discuss their journey writing this comprehensive guide to the Java framework. The authors share insights about Quarkus's developer experience, from its blazing-fast dev mode to native compilation capabilities, while revealing what they learned writing about 29 different extensions across 12 chapters.They discuss the book's structure - from getting started to deploying in the cloud- and offer practical advice on when to use JVM versus native compilation, making this essential reading for both Quarkus newcomers and experienced developers.RECOMMENDED BOOKSMartin Stefanko • Jan Martiska • Quarkus in Action • https://amzn.to/3K1En2zBen Evans & Jim Gough • Optimizing Cloud Native Java • https://amzn.to/41nivD9Kief Morris • Infrastructure as Code • https://amzn.to/4e6EBQcAlex Soto Bueno & Jason Porter • Quarkus Cookbook • https://amzn.to/4au3QfFBlueskyTwitterInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!

Jens Neuse grew up in Germany, originally planning to be a carpenter. In his 2nd year as an apprentice, he was in a motorcycle wreck that thrust him into a process of surgery and healing. Eventually, he decided he wouldn't be doing carpentry, and got into sysadmin work. Once he got bored with this, he moved into startups, learned how to code, and starting digging into programming, API's and eventually - GraphQL federation. Outside of tech, he is married with 3 young kids. He loves to sit ski on the mountain - which is the coolest carbon fiber chair on a ski, where you steer with your knees and hips.After chasing building a better Apollo, Jens and his team ran into a point where their prior product and company was doomed to go under. When they accepted this fact, they started to think about what people actually wanted - and started to dig into the federation of GraphQL.This is the creation story of Wundergraph.SponsorsIncogniNordProtectVentionCodeCrafters helps you become a better engineer by building real-world, production-grade projects. Learn hands-on by creating your own Git, Redis, HTTP server, SQLite, or DNS server from scratch. Sign up for free today using this link and enjoy 40% off.Full ScalePaddle.comSema SoftwarePropelAuthPostmanMeilisearchLinkshttps://wundergraph.com/https://www.linkedin.com/in/jens-neuse-706673195Our Sponsors:* Check out Incogni: https://incogni.com/codestory* Check out NordProtect: https://nordprotect.com/codestorySupport this podcast at — https://redcircle.com/code-story-insights-from-startup-tech-leaders/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

В 86 выпуске подкаста Javaswag поговорили c Григорием Вахмистровым о Java и C#, GraphQL и менторинге. Обсудили, каково это — переходить из экосистемы Microsoft в мир JVM, почему C# кажется более «продуктовым» и чего Java-разработчикам до сих пор не хватает для полного счастья (спойлер: это не только Lombok). Основную часть выпуска мы посвятили GraphQL: Григорий на практических примерах объяснил, как этот инструмент может стать «палочкой-выручалочкой» для сложных бэк-офисов и когда он действительно выигрывает у классического REST. В финале затронули тему менторства и обучения: почему люди готовы платить за наставничество больше, чем за курсы, как не «сгореть», преподавая безопасность, и почему иногда лучший совет ментора — это отговорить человека идти в IT. 00:00 — Интро 02:00 — Мир .NET и Xamarin. Опыт с Xamarin.Forms и осознание: «Нативщина рулит». 10:00 — C# vs Java: Razor/Blazor как JSTL на стероидах. Entity Framework против Hibernate. LINQ — почему это больше, чем просто Stream API. 25:00 — Тулгинг и почему Maven и Gradle заставляют мучиться после «зеленой кнопки» в Visual Studio. 30:00 — Архитектура букмекерской системы: Распределенный монолит и высокие нагрузки 40:00 — GraphQL: Когда REST начинает проигрывать 01:06:00 — Федерация и Stitching 01:21:00 — Менторство, EdTech 01:46:00 — Непопулярное мнение Гость: https://www.linkedin.com/in/grigoriy-vakhmistrov-96499913b/ Ссылки: https://www.graphql-java.com/ https://netflix.github.io/dgs/ Ссылки на подкаст: Сайт - https://javaswag.github.io/ Телеграм - https://t.me/javaswag Youtube - https://www.youtube.com/@javaswag Linkedin - https://www.linkedin.com/in/volyihin/ X - https://x.com/javaswagpodcast

Discover Firebase Data Connect with Tyler Crowe! Dive into SQL, GraphQL, AI, and live demos to supercharge your app's data. Share your thoughts below!https://codingcat.dev/podcast/firebase-sql-with-data-connect00:00 Data Connect Overview04:29 AI Features & Vertex13:13 SQL Views & Raw SQL15:45 Downloading SDKs24:37 Full Text Search30:32 Vector Search Explained38:20 GraphQL Insights47:43 Firestore vs Data Connect48:32 Conclusion

Episode 149: In this episode of Critical Thinking - Bug Bounty Podcast The DEFCON videos are up, and Justin and Joseph talk through some of their favorites.Follow us on XGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!====== Resources ======Unicode surrogates conversionPrompt. Scan. ExploitBreaking into thousands of cloud based VPNs with 1 bugExamining Access Control Vulnerabilities in GraphQLSmart Bus Smart HackingPasskeys PwnedBypassing Intent Destination ChecksGemini Agents in Google CalendarExploitation of DOM Clobbering Vuln at ScaleTheHulkSmart Devices, Dumb ResetsMac PRT Cookie Theft====== Timestamps ======(00:00:00) Introduction(00:10:10) Prompt. Scan. Exploit(00:23:52) Breaking into thousands of cloud based VPNs with 1 bug(00:33:25) Access Control Vulns in GraphQL, Smart Bus Hacking, & Passkeys Pwned(00:44:10) Bypassing Intent Destination Checks & Invoking Gemini Agents(00:57:08) DOM Clobbering, Mac PRT Cookie Theft, & Smart Devices, Dumb Resets

Dans cet épisode, Emmanuel, Katia et Guillaume discutent de Spring 7, Quarkus, d'Infinispan et Keycloak. On discute aussi de projets sympas comme Javelit, de comment démarre une JVM, du besoin d'argent de NTP. Et puis on discute du changement de carrière d'Emmanuel. Enregistré le 14 novembre 2025 Téléchargement de l'épisode LesCastCodeurs-Episode-332.mp3 ou en vidéo sur YouTube. News Emmanuel quitte Red Hat après 20 ans https://emmanuelbernard.com/blog/2025/11/13/leaving-redhat/ Langages Support HTTP/3 dans le HttpClient de JDK 26 - https://inside.java/2025/10/22/http3-support/ JDK 26 introduit le support de HTTP/3 dans l'API HttpClient existante depuis Java 11 HTTP/3 utilise le protocole QUIC sur UDP au lieu de TCP utilisé par HTTP/2 Par défaut HttpClient préfère HTTP/2, il faut explicitement configurer HTTP/3 avec Version.HTTP_3 Le client effectue automatiquement un downgrade vers HTTP/2 puis HTTP/1.1 si le serveur ne supporte pas HTTP/3 On peut forcer l'utilisation exclusive de HTTP/3 avec l'option H3_DISCOVERY en mode HTTP_3_URI_ONLY HttpClient apprend qu'un serveur supporte HTTP/3 via le header alt-svc (RFC 7838) et utilise cette info pour les requêtes suivantes La première requête peut utiliser HTTP/2 même avec HTTP/3 préféré, mais la seconde utilisera HTTP/3 si le serveur l'annonce L'équipe OpenJDK encourage les tests et retours d'expérience sur les builds early access de JDK 26 Librairies Eclispe Jetty et CometD changent leurs stratégie de support https://webtide.com/end-of-life-changes-to-eclipse-jetty-and-cometd/ À partir du 1er janvier 2026, Webtide ne publiera plus Jetty 9/10/11 et CometD 5/6/7 sur Maven Central Pendant 20 ans, Webtide a financé les projets Jetty et CometD via services et support, publiant gratuitement les mises à jour EOL Le comportement des entreprises a changé : beaucoup cherchent juste du gratuit plutôt que du véritable support Des sociétés utilisent des versions de plus de 10 ans sans migrer tant que les correctifs CVE sont gratuits Cette politique gratuite a involontairement encouragé la complaisance et retardé les migrations vers versions récentes MITRE développe des changements au système CVE pour mieux gérer les concepts d'EOL Webtide lance un programme de partenariat avec TuxCare et HeroDevs pour distribuer les résolutions CVE des versions EOL Les binaires EOL seront désormais distribués uniquement aux clients commerciaux et via le réseau de partenaires Webtide continue le support standard open-source : quand Jetty 13 sortira, Jetty 12.1 recevra des mises à jour pendant 6 mois à un an Ce changement vise à clarifier la politique EOL avec une terminologie industrielle établie Améliorations cloud du SDK A2A Java https://quarkus.io/blog/quarkus-a2a-cloud-enhancements/ Version 0.3.0.Final du SDK A2A Java apporte des améliorations pour les environnements cloud et distribués Composants en mémoire remplacés par des implémentations persistantes et répliquées pour environnements multi-instances JpaDatabaseTaskStore et JpaDatabasePushNotificationConfigStore permettent la persistance des tâches et configurations en base PostgreSQL ReplicatedQueueManager assure la réplication des événements entre instances A2A Agent via Kafka et MicroProfile Reactive Messaging Exemple complet de déploiement Kubernetes avec Kind incluant PostgreSQL, Kafka via Strimzi, et load balancing entre pods Démonstration pratique montrant que les messages peuvent être traités par différents pods tout en maintenant la cohérence des tâches Architecture inspirée du SDK Python A2A, permettant la gestion de tâches asynchrones longues durée en environnement distribué Quarkus 3.29 sort avec des backends de cache multiples et support du débogueur Qute https://quarkus.io/blog/quarkus-3-29-released/ Possibilité d'utiliser plusieurs backends de cache simultanément dans une même application Chaque cache peut être associé à un backend spécifique (par exemple Caffeine et Redis ou Infinispan) Support du Debug Adapter Protocol (DAP) pour déboguer les templates Qute directement dans l'IDE et dans la version 3.28 Configuration programmatique de la protection CSRF via une API fluent Possibilité de restreindre les filtres OIDC à des flux d'authentification spécifiques avec annotations Support des dashboards Grafana personnalisés via fichiers JSON dans META-INF/grafana/ Extension Liquibase MongoDB supporte désormais plusieurs clients simultanés Amélioration significative des performances de build avec réduction des allocations mémoire Parallélisation de tâches comme la génération de proxies Hibernate ORM et la construction des Jar Et l'utilisation des fichiers .proto est plus simple dans Quarkus avbec Quarkus gRPC Zero https://quarkus.io/blog/grpc-zero/ c'est toujours galere des fichiers .proto car les generateurs demandent des executables natifs maintenant ils sont bundlés dans la JVM et vous n'avez rien a configurer cela utilise Caffeine pour faire tourner cela en WASM dans la JVM Spring AI 1.1 est presque là https://spring.io/blog/2025/11/08/spring-ai-1-1-0-RC1-available-now support des MCP tool caching pour les callback qui reduit les iooerations redondantes Access au contenu de raisonnement OpenAI Un modele de Chat MongoDB Support du modele de penser Ollama Reessaye sur les echec de reseau OpenAI speech to text Spring gRPC Les prochaines étapes pour la 1.0.0 https://spring.io/blog/2025/11/05/spring-grpc-next-steps Spring gRPC 1.0 arrive prochainement avec support de Spring Boot 4 L'intégration dans Spring Boot 4.0 est reportée, prévue pour Spring Boot 4.1 Les coordonnées Maven restent sous org.springframework.grpc pour la version 1.0 Le jar spring-grpc-test est renommé en spring-grpc-test-spring-boot-autoconfigure Les packages d'autoconfiguration changent de nom nécessitant de modifier les imports Les dépendances d'autoconfiguration seront immédiatement dépréciées après la release 1.0 Migration minimale attendue pour les projets utilisant déjà la version 0.x La version 1.0.0-RC1 sera publiée dès que possible avant la version finale Spring arrete le support reactif d'Apache Pulsar https://spring.io/blog/2025/10/29/spring-pulsar-reactive-discontinued logique d'évaluer le temps passé vs le nombre d'utilisateurs c'est cependant une tendance qu'on a vu s'accélerer Spring 7 est sorti https://spring.io/blog/2025/11/13/spring-framework-7-0-general-availability Infrastructure Infinispan 16.0 https://infinispan.org/blog/2025/11/10/infinispan-16-0 Ajout majeur : migration en ligne sans interruption pour les nœuds d'un cluster (rolling upgrades) (infinispan.org) Messages de clustering refaits avec Protocol Buffers + ProtoStream : meilleure compatibilité, schéma évolutif garanti (infinispan.org) Console Web améliorée API dédiée de gestion des schémas (SchemasAdmin) pour gérer les schémas ProtoStream à distance (infinispan.org) Module de requête (query) optimisé : support complet des agrégations (sum, avg …) dans les requêtes indexées en cluster grâce à l'intégration de Hibernate Search 8.1 (infinispan.org) Serveur : image conteneur minimalisée pour réduire la surface d'attaque (infinispan.org) démarrage plus rapide grâce à séparation du démarrage cache/serveur (infinispan.org) caches pour connecteurs (Memcached, RESP) créés à la demande (on-demand) et non à l'initiaton automatique (infinispan.org) moteur Lua 5.1 mis à jour avec corrections de vulnérabilités et opérations dangereuses désactivées (infinispan.org) Support JDK : version minimale toujours JDK 17 (infinispan.org) prise en charge des threads virtuels (virtual threads) et des fonctionnalités AOT (Ahead-of-Time) de JDK plus récentes (infinispan.org) Web Javelit, une nouvelle librairie Java inspirée de Streamlit pour faire facilement et rapidement des petites interfaces web https://glaforge.dev/posts/2025/10/24/javelit-to-create-quick-interactive-app-frontends-in-java/ Site web du projet : https://javelit.io/ Javelit : outil pour créer rapidement des applications de données (mais pas que) en Java. Simplifie le développement : élimine les tracas du frontend et de la gestion des événements. Transforme une classe Java en application web en quelques minutes. Inspiré par la simplicité de Streamlit de l'écosystème Python (ou Gradio et Mesop), mais pour Java. Développement axé sur la logique : pas de code standard répétitif (boilerplate), rechargement à chaud. Interactions faciles : les widgets retournent directement leur valeur, sans besoin de HTML/CSS/JS ou gestion d'événements. Déploiement flexible : applications autonomes ou intégrables dans des frameworks Java (Spring, Quarkus, etc.). L'article de Guillaume montre comment créer une petite interface pour créer et modifier des images avec le modèle génératif Nano Banana Un deuxième article montre comment utiliser Javelit pour créer une interface de chat avec LangChain4j https://glaforge.dev/posts/2025/10/25/creating-a-javelit-chat-interface-for-langchain4j/ Améliorer l'accessibilité avec les applis JetPack Compose https://blog.ippon.fr/2025/10/29/rendre-son-application-accessible-avec-jetpack-compose/ TalkBack est le lecteur d'écran Android qui vocalise les éléments sélectionnés pour les personnes malvoyantes Accessibility Scanner et les outils Android Studio détectent automatiquement les problèmes d'accessibilité statiques Les images fonctionnelles doivent avoir un contentDescription, les images décoratives contentDescription null Le contraste minimum requis est de 4.5:1 pour le texte normal et 3:1 pour le texte large ou les icônes Les zones cliquables doivent mesurer au minimum 48dp x 48dp pour faciliter l'interaction Les formulaires nécessitent des labels visibles permanents et non de simples placeholders qui disparaissent Modifier.semantics permet de définir l'arbre sémantique lu par les lecteurs d'écran Les propriétés mergeDescendants et traversalIndex contrôlent l'ordre et le regroupement de la lecture Diriger le navigateur Chrome avec le modèle Gemini Computer Use https://glaforge.dev/posts/2025/11/03/driving-a-web-browser-with-gemini-computer-use-model-in-java/ Objectif : Automatiser la navigation web en Java avec le modèle "Computer Use" de Gemini 2.5 Pro. Modèle "Computer Use" : Gemini analyse des captures d'écran et génère des actions d'interface (clic, saisie, etc.). Outils : Gemini API, Java, Playwright (pour l'interaction navigateur). Fonctionnement : Boucle agent où Gemini reçoit une capture, propose une action, Playwright l'exécute, puis une nouvelle capture est envoyée à Gemini. Implémentation clé : Toujours envoyer une capture d'écran à Gemini après chaque action pour qu'il comprenne l'état actuel. Défis : Lenteur, gestion des CAPTCHA et pop-ups (gérables). Potentiel : Automatisation des tâches web répétitives, création d'agents autonomes. Data et Intelligence Artificielle Apicurio ajoute le support de nouveaux schema sans reconstruire Apicurio https://www.apicur.io/blog/2025/10/27/custom-artifact-types Apicurio Registry 3.1.0 permet d'ajouter des types d'artefacts personnalisés au moment du déploiement sans recompiler le projet Supporte nativement OpenAPI, AsyncAPI, Avro, JSON Schema, Protobuf, GraphQL, WSDL et XSD Trois approches d'implémentation disponibles : classes Java pour la performance maximale, JavaScript/TypeScript pour la facilité de développement, ou webhooks pour une flexibilité totale Configuration via un simple fichier JSON pointant vers les implémentations des composants personnalisés Les scripts JavaScript sont exécutés via QuickJS dans un environnement sandboxé sécurisé Un package npm TypeScript fournit l'autocomplétion et la sécurité de type pour le développement Six composants optionnels configurables : détection automatique de type, validation, vérification de compatibilité, canonicalisation, déréférencement et recherche de références Cas d'usage typiques : formats propriétaires internes, support RAML, formats legacy comme WADL, schémas spécifiques à un domaine métier Déploiement simple via Docker en montant les fichiers de configuration et scripts comme volumes Les performances varient selon l'approche : Java offre les meilleures performances, JavaScript un bon équilibre, webhooks la flexibilité maximale Le truc interessant c'est que c'est Quarkus based et donc demandait le rebuilt donc pour eviter cela, ils ont ajouter QuickJS via Chicorey un moteur WebAssembly GPT 5.1 pour les développeurs est sorti. https://openai.com/index/gpt-5-1-for-developers/ C'est le meilleur puisque c'est le dernier :slightly_smiling_face: Raisonnement Adaptatif et Efficace : GPT-5.1 ajuste dynamiquement son temps de réflexion en fonction de la complexité de la tâche, le rendant nettement plus rapide et plus économique en jetons pour les tâches simples, tout en maintenant des performances de pointe sur les tâches difficiles. Nouveau Mode « Sans Raisonnement » : Un mode (reasoning_effort='none') a été introduit pour les cas d'utilisation sensibles à la latence, permettant une réponse plus rapide avec une intelligence élevée et une meilleure exécution des outils. Cache de Prompt Étendu : La mise en cache des invites est étendue jusqu'à 24 heures (contre quelques minutes auparavant), ce qui réduit la latence et le coût pour les interactions de longue durée (chats multi-tours, sessions de codage). Les jetons mis en cache sont 90 % moins chers. Améliorations en Codage : Le modèle offre une meilleure personnalité de codage, une qualité de code améliorée et de meilleures performances sur les tâches d'agenticité de code, atteignant 76,3 % sur SWE-bench Verified. Nouveaux Outils pour les Développeurs : Deux nouveaux outils sont introduits ( https://cookbook.openai.com/examples/build_a_coding_agent_with_gpt-5.1 ) : L'outil apply_patch pour des modifications de code plus fiables via des diffs structurés. L'outil shell qui permet au modèle de proposer et d'exécuter des commandes shell sur une machine locale, facilitant les boucles d'inspection et d'exécution. Disponibilité : GPT-5.1 (ainsi que les modèles gpt-5.1-codex) est disponible pour les développeurs sur toutes les plateformes API payantes, avec les mêmes tarifs et limites de débit que GPT-5. Comparaison de similarité d'articles et de documents avec les embedding models https://glaforge.dev/posts/2025/11/12/finding-related-articles-with-vector-embedding-models/ Principe : Convertir les articles en vecteurs numériques ; la similarité sémantique est mesurée par la proximité de ces vecteurs. Démarche : Résumé des articles via Gemini-2.5-flash. Conversion des résumés en vecteurs (embeddings) par Gemini-embedding-001. Calcul de la similarité entre vecteurs par similarité cosinus. Affichage des 3 articles les plus pertinents (>0.75) dans le frontmatter Hugo. Bilan : Approche "résumé et embedding" efficace, pragmatique et améliorant l'engagement des lecteurs. Outillage Composer : Nouveau modèle d'agent rapide pour l'ingénierie logicielle - https://cursor.com/blog/composer Composer est un modèle d'agent conçu pour l'ingénierie logicielle qui génère du code quatre fois plus rapidement que les modèles similaires Le modèle est entraîné sur de vrais défis d'ingénierie logicielle dans de grandes bases de code avec accès à des outils de recherche et d'édition Il s'agit d'un modèle de type mixture-of-experts optimisé pour des réponses interactives et rapides afin de maintenir le flux de développement L'entraînement utilise l'apprentissage par renforcement dans divers environnements de développement avec des outils comme la lecture de fichiers, l'édition, les commandes terminal et la recherche sémantique Cursor Bench est un benchmark d'évaluation basé sur de vraies demandes d'ingénieurs qui mesure la correction et le respect des abstractions du code existant Le modèle apprend automatiquement des comportements utiles comme effectuer des recherches complexes, corriger les erreurs de linter et écrire des tests unitaires L'infrastructure d'entraînement utilise PyTorch et Ray avec des kernels MXFP8 pour entraîner sur des milliers de GPUs NVIDIA Le système exécute des centaines de milliers d'environnements de codage sandboxés concurrents dans le cloud pour l'entraînement Composer est déjà utilisé quotidiennement par les développeurs de Cursor pour leur propre travail Le modèle se positionne juste derrière GPT-5 et Sonnet 4.5 en termes de performance sur les benchmarks internes Rex sur l'utilisation de l'IA pour les développeurs, un gain de productivité réel et des contextes adaptés https://mcorbin.fr/posts/2025-10-17-genai-dev/ Un développeur avec 18 ans d'expérience partage son retour sur l'IA générative après avoir changé d'avis Utilise exclusivement Claude Code dans le terminal pour coder en langage naturel Le "vibe coding" permet de générer des scripts et interfaces sans regarder le code généré Génération rapide de scripts Python pour traiter des CSV, JSON ou créer des interfaces HTML Le mode chirurgien résout des bugs complexes en one-shot, exemple avec un plugin Grafana fixé en une minute Pour le code de production, l'IA génère les couches repository, service et API de manière itérative, mais le dev controle le modele de données Le développeur relit toujours le code et ajuste manuellement ou via l'IA selon le besoin L'IA ne remplacera pas les développeurs car la réflexion, conception et expertise technique restent essentielles La construction de produits robustes, scalables et maintenables nécessite une expérience humaine L'IA libère du temps sur les tâches répétitives et permet de se concentrer sur les aspects complexes ce que je trouve interessant c'est la partie sur le code de prod effectivement, je corrige aussi beaucoup les propositions de l'IA en lui demandant de faire mieux dans tel ou tel domaine Sans guide, tout cela serait perdu Affaire a suivre un article en parallele sur le métier de designer https://blog.ippon.fr/2025/11/03/lia-ne-remplace-pas-un-designer-elle-amplifie-la-difference-entre-faire-et-bien-faire/ Plus besoin de se rappeler les racourcis dans IntelliJ idea avec l'universal entry point https://blog.jetbrains.com/idea/2025/11/universal-entry-point-a-single-entry-point-for-context-aware-coding-assistance/ IntelliJ IDEA introduit Command Completion, une nouvelle façon d'accéder aux actions de l'IDE directement depuis l'éditeur Fonctionne comme la complétion de code : tapez point (.) pour voir les actions contextuelles disponibles Tapez double point (..) pour filtrer et n'afficher que les actions disponibles Propose des corrections, refactorings, génération de code et navigation selon le contexte Complète les fonctionnalités existantes sans les remplacer : raccourcis, Alt+Enter, Search Everywhere Facilite la découverte des fonctionnalités de l'IDE sans interrompre le flux de développement En Beta dans la version 2025.2, sera activé par défaut dans 2025.3 Support actuel pour Java et Kotlin, avec actions spécifiques aux frameworks comme Spring et Hibernate Homebrew, package manage pour macOS et Linux passe en version 5 https://brew.sh/2025/11/12/homebrew-5.0.0/ Téléchargements Parallèles par Défaut : Le paramètre HOMEBREW_DOWNLOAD_CONCURRENCY=auto est activé par défaut, permettant des téléchargements concurrents pour tous les utilisateurs, avec un rapport de progression. Support Linux ARM64/AArch64 en Tier 1 : Le support pour Linux ARM64/AArch64 a été promu au niveau "Tier 1" (support officiel de premier plan). Feuille de Route pour les Dépréciations macOS : Septembre 2026 (ou plus tard) : Homebrew ne fonctionnera plus sur macOS Catalina (10.15) et versions antérieures. macOS Intel (x86_64) passera en "Tier 3" (fin du support CI et des binaires précompilés/bottles). Septembre 2027 (ou plus tard) : Homebrew ne fonctionnera plus sur macOS Big Sur (11) sur Apple Silicon ni du tout sur Intel (x86_64). Sécurité et Casks : Dépréciation des Casks sans signature de code. Désactivation des Casks échouant aux vérifications Gatekeeper en septembre 2026. Les options --no-quarantine et --quarantine sont dépréciés pour ne plus faciliter le contournement des fonctionnalités de sécurité de macOS. Nouvelles Fonctionnalités & Améliorations : Support officiel pour macOS 26 (Tahoe). brew bundle supporte désormais l'installation de packages Go via un Brewfile. Ajout de la commande brew info --sizes pour afficher la taille des formulae et casks. La commande brew search --alpine permet de chercher des packages Alpine Linux. Architecture Selon l'analyste RedMonk, Java reste très pertinent dans l'aire de l'IA et des agents https://redmonk.com/jgovernor/java-relevance-in-the-ai-era-agent-frameworks-emerge/ Java reste pertinent à l'ère de l'IA, pas besoin d'apprendre une pile technique entièrement nouvelle. Capacité d'adaptation de Java ("anticorps") aux innovations (Big Data, cloud, IA), le rendant idéal pour les contextes d'entreprise. L'écosystème JVM offre des avantages sur Python pour la logique métier et les applications sophistiquées, notamment en termes de sécurité et d'évolutivité. Embabel (par Rod Johnson, créateur de Spring) : un framework d'agents fortement typé pour JVM, visant le déterminisme des projets avant la génération de code par LLM. LangChain4J : facilite l'accès aux capacités d'IA pour les développeurs Java, s'aligne sur les modèles d'entreprise établis et permet aux LLM d'appeler des méthodes Java. Koog (Jetbrains) : framework d'agents basé sur Kotlin, typé et spécifique aux développeurs JVM/Kotlin. Akka : a pivoté pour se concentrer sur les flux de travail d'agents IA, abordant la complexité, la confiance et les coûts des agents dans les systèmes distribués. Le Model Context Protocol (MCP) est jugé insuffisant, manquant d'explicabilité, de découvrabilité, de capacité à mélanger les modèles, de garde-fous, de gestion de flux, de composabilité et d'intégration sécurisée. Les développeurs Java sont bien placés pour construire des applications compatibles IA et intégrer des agents. Des acteurs majeurs comme IBM, Red Hat et Oracle continuent d'investir massivement dans Java et son intégration avec l'IA. Sécurité AI Deepfake, Hiring … A danger réel https://www.eu-startups.com/2025/10/european-startups-get-serious-about-deepfakes-as-ai-fraud-losses-surpass-e1-3-billion/ Pertes liées aux deepfakes en Europe : > 1,3 milliard € (860 M € rien qu'en 2025). Création de deepfakes désormais possible pour quelques euros. Fraudes : faux entretiens vidéo, usurpations d'identité, arnaques diverses. Startups actives : Acoru, IdentifAI, Trustfull, Innerworks, Keyless (détection et prévention). Réglementation : AI Act et Digital Services Act imposent transparence et contrôle. Recommandations : vérifier identités, former employés, adopter authentification multi-facteurs. En lien : https://www.techmonitor.ai/technology/cybersecurity/remote-hiring-cybersecurity 1 Candidat sur 4 sera Fake en 2028 selon Gartner research https://www.gartner.com/en/newsroom/press-releases/2025-07-31-gartner-survey-shows-j[…]-percent-of-job-applicants-trust-ai-will-fairly-evaluate-them Loi, société et organisation Amazon - prévoit supprimer 30.000 postes https://www.20minutes.fr/economie/4181936-20251028-amazon-prevoit-supprimer-30-000-emplois-bureau-selon-plusieurs-medias Postes supprimés : 30 000 bureaux Part des effectifs : ~10 % des employés corporatifs Tranche confirmée : 14 000 postes Divisions touchées : RH, Opérations, Devices & Services, Cloud Motifs : sur-recrutement, bureaucratie, automatisation/IA Accompagnement : 90 jours pour poste interne + aides Non concernés : entrepôts/logistique Objectif : concentrer sur priorités stratégiques NTP a besoin d'argent https://www.ntp.org/ Il n'est que le protocole qui synchronise toutes les machines du monde La fondation https://www.nwtime.org/ recherche 11000$ pour maintenir son activité Rubrique débutant Une plongée approfondie dans le démarrage de la JVM https://inside.java/2025/01/28/jvm-start-up La JVM effectue une initialisation complexe avant d'exécuter le code : validation des arguments, détection des ressources système et sélection du garbage collector approprié Le chargement de classes suit une stratégie lazy où chaque classe charge d'abord ses dépendances dans l'ordre de déclaration, créant une chaîne d'environ 450 classes même pour un simple Hello World La liaison de classes comprend trois sous-processus : vérification de la structure, préparation avec initialisation des champs statiques à leurs valeurs par défaut, et résolution des références symboliques du Constant Pool Le CDS améliore les performances au démarrage en fournissant des classes pré-vérifiées, réduisant le travail de la JVM L'initialisation de classe exécute les initialiseurs statiques via la méthode spéciale clinit générée automatiquement par javac Le Project Leyden introduit la compilation AOT dans JDK 24 pour réduire le temps de démarrage en effectuant le chargement et la liaison de classes en avance de phase Pas si débutant finalement Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 12-14 novembre 2025 : Devoxx Morocco - Marrakech (Morocco) 15-16 novembre 2025 : Capitole du Libre - Toulouse (France) 19 novembre 2025 : SREday Paris 2025 Q4 - Paris (France) 19-21 novembre 2025 : Agile Grenoble - Grenoble (France) 20 novembre 2025 : OVHcloud Summit - Paris (France) 21 novembre 2025 : DevFest Paris 2025 - Paris (France) 24 novembre 2025 : Forward Data & AI Conference - Paris (France) 27 novembre 2025 : DevFest Strasbourg 2025 - Strasbourg (France) 28 novembre 2025 : DevFest Lyon - Lyon (France) 1-2 décembre 2025 : Tech Rocks Summit 2025 - Paris (France) 4-5 décembre 2025 : Agile Tour Rennes - Rennes (France) 5 décembre 2025 : DevFest Dijon 2025 - Dijon (France) 9-11 décembre 2025 : APIdays Paris - Paris (France) 9-11 décembre 2025 : Green IO Paris - Paris (France) 10-11 décembre 2025 : Devops REX - Paris (France) 10-11 décembre 2025 : Open Source Experience - Paris (France) 11 décembre 2025 : Normandie.ai 2025 - Rouen (France) 14-17 janvier 2026 : SnowCamp 2026 - Grenoble (France) 22 janvier 2026 : DevCon #26 : sécurité / post-quantique / hacking - Paris (France) 29-31 janvier 2026 : Epitech Summit 2026 - Paris - Paris (France) 2-5 février 2026 : Epitech Summit 2026 - Moulins - Moulins (France) 2-6 février 2026 : Web Days Convention - Aix-en-Provence (France) 3 février 2026 : Cloud Native Days France 2026 - Paris (France) 3-4 février 2026 : Epitech Summit 2026 - Lille - Lille (France) 3-4 février 2026 : Epitech Summit 2026 - Mulhouse - Mulhouse (France) 3-4 février 2026 : Epitech Summit 2026 - Nancy - Nancy (France) 3-4 février 2026 : Epitech Summit 2026 - Nantes - Nantes (France) 3-4 février 2026 : Epitech Summit 2026 - Marseille - Marseille (France) 3-4 février 2026 : Epitech Summit 2026 - Rennes - Rennes (France) 3-4 février 2026 : Epitech Summit 2026 - Montpellier - Montpellier (France) 3-4 février 2026 : Epitech Summit 2026 - Strasbourg - Strasbourg (France) 3-4 février 2026 : Epitech Summit 2026 - Toulouse - Toulouse (France) 4-5 février 2026 : Epitech Summit 2026 - Bordeaux - Bordeaux (France) 4-5 février 2026 : Epitech Summit 2026 - Lyon - Lyon (France) 4-6 février 2026 : Epitech Summit 2026 - Nice - Nice (France) 12-13 février 2026 : Touraine Tech #26 - Tours (France) 26-27 mars 2026 : SymfonyLive Paris 2026 - Paris (France) 27-29 mars 2026 : Shift - Nantes (France) 31 mars 2026 : ParisTestConf - Paris (France) 16-17 avril 2026 : MiXiT 2026 - Lyon (France) 22-24 avril 2026 : Devoxx France 2026 - Paris (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 6-7 mai 2026 : Devoxx UK 2026 - London (UK) 22 mai 2026 : AFUP Day 2026 Lille - Lille (France) 22 mai 2026 : AFUP Day 2026 Paris - Paris (France) 22 mai 2026 : AFUP Day 2026 Bordeaux - Bordeaux (France) 22 mai 2026 : AFUP Day 2026 Lyon - Lyon (France) 17 juin 2026 : Devoxx Poland - Krakow (Poland) 11-12 juillet 2026 : DevLille 2026 - Lille (France) 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

In this episode, we discuss MuleSoft and Camel similarities and take a brief tangent on the prevalence of XML as a data format, vibe-coding, SaaS fatigue, subscription overload, and Illuminated Cloud's support for GraphQL.

Strategic Technology Consultation Services This episode of The Modern .NET Show is supported, in part, by RJJ Software's Strategic Technology Consultation Services. If you're an SME (Small to Medium Enterprise) leader wondering why your technology investments aren't delivering, or you're facing critical decisions about AI, modernization, or team productivity, let's talk. Show Notes "Simple is always the better choice, but easy is not always the best. So sometimes you'll go to graph, it's a little bit harder for us to write the code for around it, but the bandwidth consumption is considerably smaller. the compute consumption and the ability for it to run on a mobile device is considerably easier."— Jerry Nixon Hey everyone, and welcome back to The Modern .NET Show; the premier .NET podcast, focusing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. I'm your host Jamie Taylor, bringing you conversations with the brightest minds in the .NET ecosystem. Today, we're joined by Jerry Nixon. Jerry is a Principal Product Manager at Microsoft, focussing on the tooling and Developer Experience around Azure SQL Server. Jerry shares his advice for architecting web-based APIs, RESTful design, and using what fits within your team, and of course we talk about Data API Builder. "When you think about what an architect really is and their responsibility, the decisions, architectural decisions are the decisions that are the most expensive to change. That's kind of like who should be making this decision? Well, how expensive is it to change? It's very expensive."— Jerry Nixon We also talk about the importance of interpersonal skills in modern software engineering (whether you're working in open source or not), psychological safety, and the importance of self-reflection in our day-to-day work. Before we jump in, a quick reminder: if The Modern .NET Show has become part of your learning journey, please consider supporting us through Patreon or Buy Me A Coffee. Every contribution helps us continue bringing you these in-depth conversations with industry experts. You'll find all the links in the show notes. Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET. Full Show Notes The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-8/designing-apis-like-a-pro-lessons-from-jerry-nixon-on-data-api-builder-and-beyond/ Useful Links: SQLBits The original definition of REST Data API Builder documentation Data API Builder on GitHub on MS Learn samples docker Registry SQL Dev Path FusionCache Jerry on X (formerly known as Twitter) Podcast editing services provided by Matthew Bliss Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show Supporting the show: Leave a rating or review Buy the show a coffee Become a patron Getting in Touch: Via the contact page Joining the Discord Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend. And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch. You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast. Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show. Editing and post-production services for this episode were provided by MB Podcast Services.

A challenge in modern frontend application design is efficiently fetching and managing GraphQL data while keeping UI components responsive and maintainable. Developers often face issues like over-fetching, under-fetching, and handling complex query dependencies, which can lead to performance bottlenecks and increased development effort. Relay is a JavaScript framework developed by Meta for managing GraphQL data The post Rethinking GraphQL Frontends with Robert Balicki appeared first on Software Engineering Daily.

A challenge in modern frontend application design is efficiently fetching and managing GraphQL data while keeping UI components responsive and maintainable. Developers often face issues like over-fetching, under-fetching, and handling complex query dependencies, which can lead to performance bottlenecks and increased development effort. Relay is a JavaScript framework developed by Meta for managing GraphQL data The post Rethinking GraphQL Frontends with Robert Balicki appeared first on Software Engineering Daily.

Thank you to the folks at Sustain (https://sustainoss.org/) for providing the hosting account for CHAOSSCast! CHAOSScast – Episode 119 In this episode of CHAOSScast, we have a special episode from our friends at Sustain. Host Richard Littauer from Sustain is joined by guests Ben Nickolls and Andrew Nesbitt to discuss the ecosyste.ms project. They explore how ecosyste.ms collects and analyzes metadata from various open-source projects to create a comprehensive database that can help improve funding allocation. The discussion covers the importance of funding the most critical open-source projects, the existing gaps in funding, and the partnership between ecosyste.ms and Open Source Collective to create funding algorithms that support entire ecosystems. They also talk about the challenges of maintaining data, reaching out to project maintainers, and the broader implications for the open-source community. Hit the download button now! [00:03:16] Andrew and Ben explain ecosyste.ms, what it does, and how it compares to Libraries.io. [00:06:17] Ecosyste.ms tracks metadata, not the packages themselves, and enriches data via dependency graphs, committers, issues, SBOMs, and more. [00:08:12] Andrew talks about finding 1,890 Git hosts and how many critical projects live outside GitHub. [00:09:55] There's a conversation on metadata uses and SBOM parsing. [00:14:07] Richard inquires about the ecosystem.ms funds on their website which Andrew explains it's a collaboration between Open Collective and ecosyste.ms. that algorithmically distributes funds to the most used, not most popular packages. [00:17:03] Ben shares how this is different from previous projects and brings up a past project, “Back Your Stack” and explains how ecosyste.ms is doing two things differently. [00:20:17] Ben explains how it supports payouts to other platforms and encourages maintainers to adopt funding YAML files for automation. Andrew touches on efficient outreach, payout management, and API usage (GraphQL). [00:26:54] Ben elaborates on how companies can fund ecosyste.ms (like Django) instead of curating their own lists and being inspired by Sentry's work with the Open Source Pledge. [00:30:50] Andrew speaks about scaling and developer engagement and emphasizes their focus is on high-impact sustainability. [00:34:06] Richard asks, “Why does it matter?” Ben explains that most current funding goes to popular, not most used projects and ecosyste.ms aims to fix the gap with data backed funding, and he suggests use of open standards like 360Giving and Open Contracting Data. [00:37:04] Andrew shares his thoughts on funding the right projects by improving 1% of OSS, you uplift the quality of millions of dependent projects with healthier infrastructure, faster security updates, and more resilient software. [00:39:53] Find out where you can follow ecosyste.ms and the blog on the web. Quotes: [00:12:36] “I call them interesting forks. If a fork is referenced by a package, it'll get indexed.” [00:23:25] We've built a service that now moves like $25 million a year between OSS maintainers on OSC.” [00:34:41] “We don't have enough information to make collective decisions about which projects, communities, maintainers, should receive more funding.” [00:35:41] “The NSF POSE Program has distributed hundreds of millions of dollars of funding to open source communities alone.” [00:37:05] “If you have ten, twenty thousand really critical open source projects, that actually isn't unachievable to make those projects sustainable.” Spotlight: [00:40:53] Ben's spotlight is Jellyfin. [00:41:38]** **Andrew's spotlight is zizmor. [00:43:39] Richard's spotlight is The LaTeX Project. Panelist: Richard Littauer Guests: Ben Nickolls Andrew Nesbitt Links: CHAOSS (https://chaoss.community/) CHAOSS Project Twitter (https://twitter.com/chaossproj?lang=en) CHAOSScast Podcast (https://podcast.chaoss.community/) podcast@chaoss.community (mailto:podcast@chaoss.community) Alice Sowerby LinkedIn (https://www.linkedin.com/in/alice-sowerby-ba692a13/?originalSubdomain=uk) SustainOSS (https://sustainoss.org/) podcast@sustainoss.org (mailto:podcast@sustainoss.org) richard@sustainoss.org (mailto:richard@sustainoss.org) SustainOSS Discourse (https://discourse.sustainoss.org/) SustainOSS Mastodon (https://mastodon.social/tags/sustainoss) SustainOSS Bluesky (https://bsky.app/profile/sustainoss.bsky.social) SustainOSS LinkedIn (https://www.linkedin.com/company/sustainoss/) Open Collective-SustainOSS (Contribute) (https://opencollective.com/sustainoss) Richard Littauer Socials (https://www.burntfen.com/2023-05-30/socials) Ben Nickolls LinkedIn (https://www.linkedin.com/in/benjamuk/) Andrew Nesbitt Website (https://nesbitt.io/) Andrew Nesbitt Mastodon (https://mastodon.social/@andrewnez) Octobox (https://github.com/octobox) ecosyste.ms (https://ecosyste.ms/) ecosyste.ms Blog (https://blog.ecosyste.ms/) Open Source Collective (https://oscollective.org/) Open Source Collective Updates (https://opencollective.com/opensource/updates) Open Source Collective Contributions (https://opencollective.com/opensource) Open Source Collective Contributors (https://opencollective.com/open-source) Open Collective (https://opencollective.com/) 24 Pull Requests (https://24pullrequests.com/) Libraries.io (https://libraries.io/) The penumbra of open source (EPJ Data Science) (https://epjdatascience.springeropen.com/articles/10.1140/epjds/s13688-022-00345-7) FOSDEM '25- Open source funding: you're doing it wrong (Andrew and Ben) (https://fosdem.org/2025/schedule/event/fosdem-2025-5576-open-source-funding-you-re-doing-it-wrong/) Vue.js (https://vuejs.org/) thanks.dev (https://thanks.dev/home) StackAid (https://www.stackaid.us/) Back Your Stack (https://backyourstack.com/) NSF POSE (https://www.nsf.gov/funding/initiatives/pathways-enable-open-source-ecosystems) Django (https://www.djangoproject.com/) GitHub Sponsors (https://github.com/sponsors) Sustain Podcast-Episode 80: Emma Irwin and the Foss Fund Program (https://podcast.sustainoss.org/80) Sustain Podcast- 3 Episodes featuring Chad Whitacre (https://podcast.sustainoss.org/guests/chad-whitacre) Sustain Podcast- Episode 218: Karthik Ram & James Howison on Research Software Visibility Infrastructure Priorities (https://podcast.sustainoss.org/218) Sustain Podcast-Episode 247: Chad Whitacre on the Open Source Pledge (https://podcast.sustainoss.org/247) Invest in Open Infrastructure (https://investinopen.org/) 360Giving (https://www.360giving.org/) Open Contracting Data Standard (https://standard.open-contracting.org/latest/en/) Jellyfin (https://opencollective.com/jellyfin) zizmor (https://github.com/zizmorcore/zizmor) The LaTeX Project (https://www.latex-project.org/) Special Guests: Andrew Nesbitt, Benjamin Nickolls, and Richard Littauer.

Jens Neuse grew up in Germany, originally planning to be a carpenter. In his 2nd year as an apprentice, he was in a motorcycle wreck that thrust him into a process of surgery and healing. Eventually, he decided he wouldn't be doing carpentry, and got into sysadmin work. Once he got bored with this, he moved into startups, learned how to code, and starting digging into programming, API's and eventually - GraphQL federation. Outside of tech, he is married with 3 young kids. He loves to sit ski on the mountain - which is the coolest carbon fiber chair on a ski, where you steer with your knees and hips.After chasing building a better Apollo, Jens and his team ran into a point where their prior product and company was doomed to go under. When they accepted this fact, they started to think about what people actually wanted - and started to dig into the federation of GraphQL.This is the creation story of Wundergraph.SponsorsFull ScalePaddle.comSema SoftwarePropelAuthPostmanMeilisearchLinkshttps://wundergraph.com/https://www.linkedin.com/in/jens-neuse-706673195Support this podcast at — https://redcircle.com/code-story-insights-from-startup-tech-leaders/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

Today, the Elixir Wizards wrap up Season 14 “Enter the Elixirverse.” Dan, Charles, and Sundi look back at some common themes: Elixir plays well with others, bridges easily to access languages and tools, and remains a powerful technology for data flow, concurrency, and developer experience. We revisit the popular topics of the year, from types and tooling to AI orchestration and reproducible dev environments, and share what we're excited to explore next.   We also invite your questions and takeaways to help shape future seasons and conference conversations. Season 14 doubles as a handy primer for anyone curious about how Elixir integrates across the stack.   Key topics discussed in this episode:   * Lessons from a season of interoperability * Set-theoretic types and what new compiler warnings unlock * AI in practice: LLM orchestration, fallbacks, and real-world use * SDUI and GraphQL patterns for shipping UI across web/iOS/Android * Dataframes in Elixir with Explorer for analytics workflows * Python interoperability (ErlPort, PythonX) and when to reach for it * Reproducible dev environments with Nix and friends * Performance paths: Rustler and Zig for native extensions * Bluetooth & Nerves: Blue Heron and hardware integrations * DevEx upgrades: LiveView, build pipelines, and standard project setup * Observability and ops: Prometheus/Grafana and sensible deployments * Community feedback, conferences, and what's on deck for next season   Links mentioned in this episode: Cars.com S14E06 SDUI at Scale with Elixir https://youtu.be/nloRcgngTk?si=g4Zd4N1s56Ronrtw https://hexdocs.pm/phoenixliveview/Phoenix.LiveView.html https://wordpress.com/ https://elixir-lang.org/ S14E01 Zigler: Zig NIFs for Elixir https://youtu.be/hSAvWxh26TU?si=d55tVuZbNw0KCfT https://ziglang.org/ https://hexdocs.pm/zigler/Zig.html https://github.com/blue-heron/blueheron https://github.com/elixir-explorer/explorer S14E08 Nix for Elixir Apps https://youtu.be/yymUcgy4OAk?si=BRgTlc2VK5bsIhIf https://nixos.org/ https://nix.dev/ S14E07 Set Theoretic Types in Elixir https://youtu.be/qMmEnXcHxL4?si=Ux2lebiwEp3mc0e S14E10 Python in Elixir Apps https://youtu.be/SpVLrrWkRqE?si=ld3oQVXVlWHpo7eV https://www.python.org/ https://hexdocs.pm/pythonx/ https://github.com/Pyrlang/Pyrlang https://github.com/erlport/erlport S14E03 LangChain: LLM Integration for Elixir https://youtu.be/OwFaljL3Ptc?si=A0sDs2dzJ0UoE2PY https://github.com/brainlid/langchain S14E04 Nx & Machine Learning in Elixir https://youtu.be/Ju64kAMLlkw?si=zdVnkBTTLHvIZNBm S14E05 Rustler: Bridging Elixir and Rust https://youtu.be/2RBw7B9OfwE?si=aRVYOyxxW8fTmoRA https://github.com/rusterlium/rustler Season 3: Working with Elixir https://youtube.com/playlist?list=PLTDLmInI9YaDbhMRpGuYpboVNbp1Fl9PD&si=hbe7qt4gRUfrMtpj S14E11 Vibe Coding the LoopedIn Crochet App https://youtu.be/DX0SjmPE92g?si=zCBPjS1huRDIeVeP Season 5: Adopting Elixir  YouTubeLaunchisode and Outlaws Takeover with Chris Keathley, Amos King, and Anna Neyzberg S13E01 Igniter: Elixir Code Generation https://youtu.be/WM9iQlQSF_g?si=e0CAiML2qC2SxmdL Season 8: Elixir in a Polyglot Environment https://youtube.com/playlist?list=PLTDLmInI9YaAPlvMd-RDp6LWFjI67wOGN&si=YCI7WLA8qozD57iw !! We Want to Hear Your Thoughts *!!* Have questions, comments, or topics you'd like us to discuss on the podcast? Share your thoughts with us here: https://forms.gle/Vm7mcYRFDgsqqpDC9

For episode 590 of the BlockHash Podcast, host Brandon Zemp is joined by Jeff Handler, CCO of OpenTrade, an institutional-grade platform delivering real-world asset-backed yield on USDC, USDT, and EURC. ⏳ Timestamps: (0:00) Introduction(1:08) Who is Jeff Handler?(4:12) Importance of Yield-based Stablecoins(7:10) Typical clients(11:03) Stablecoin Yield use-cases in Colombia(15:22) Impact of the Genius Act(17:47) Future of RWAs in Finance(21:54) Onboarding for Clients(24:18) APIs & GraphQL(24:37) OpenTrade Roadmap(26:28) Events & Conferences(27:12) OpenTrade website & socials

### About the episode:Join Nataraj as he interviews Matt DeBergalis, CEO of Apollo GraphQL, about the evolution of GraphQL from an open-source project to a product company. Matt shares insights on building and scaling APIs, the challenges of transitioning open-source tech into a viable business, and how AI is reshaping API development. Discover how Apollo is helping companies of all sizes leverage GraphQL to build agentic experiences and modernize their API strategies.### What you'll learn- Understand the journey of GraphQL from open source to a product-driven company.- Explore the challenges of adopting and scaling GraphQL in enterprise environments.- Discover how GraphQL simplifies complex data combinations with its declarative language.- Learn how Apollo GraphQL helps companies accelerate the development of robust APIs.- Examine the role of GraphQL in building modern agentic experiences powered by AI.- Understand how to balance short-term shipping pressures with long-term architectural considerations.- Identify when GraphQL makes sense for a company based on its API size and consumption needs.- Discover how AI is driving increased API consumption and transforming user interfaces.### About the Guest and Host:Guest Name: Matt DeBergalis is the Co-founder and CEO of Apollo GraphQL, previously CTO and Co-founder at Meteor Development Group.Connect with Guest:→ LinkedIn: https://www.linkedin.com/in/debergalis/→ Website: https://www.apollographql.com/Nataraj: Host of the Startup Project podcast, Senior PM at Azure & Investor.→ LinkedIn: https://www.linkedin.com/in/natarajsindam/→ Twitter: https://x.com/natarajsindam→ Substack: ⁠https://startupproject.substack.com/⁠→ Website: ⁠⁠⁠https://thestartupproject.io⁠⁠⁠### In this episode, we cover(00:01) Introduction to Matt DeBergalis and Apollo GraphQL(00:37) Matt's journey and the origins of Apollo GraphQL(03:24) The transition from open source to a company(05:02) GraphQL as a client-focused API technology(07:22) Meta's approach to open source technologies(10:11) Challenges of converting open source to a business(13:11) Balancing shipping speed with architectural considerations(15:52) The risk of adopting the wrong technology(19:13) The evolution of full-stack development(23:57) When does adopting GraphQL make sense?(26:45) Apollo's customer scale and focus(31:48) Acquiring customers and marketing to developers(33:52) Matt's transition from CTO to CEO(37:02) Apollo's sales motion and target audience(40:24) Matt's thoughts on AI and its impact(47:12) How AI is changing business metricsDon't forget to subscribe and leave us a review/comment on YouTube Apple Spotify or wherever you listen to podcasts.#GraphQL #ApolloGraphQL #API #OpenSource #Enterprise #AI #AgenticAI #APIDevelopment #Startup #Technology #SoftwareDevelopment #GraphQLAdoption #Kubernetes #React #FullStack #DataAnalytics #Innovation #DigitalTransformation #TechStrategy #Podcast

In this episode of the TestGuild DevOps Toolchain Podcast, Joe Colantonio sits down with Matt DeBergalis, CEO of Apollo GraphQL, to explore how GraphQL is transforming the way teams build, ship, and scale applications. Matt shares his journey from open-source pioneer to leading one of the most widely adopted GraphQL platforms in the world—and why GraphQL is more relevant than ever in the age of AI, microservices, and agent-based applications. You'll discover: How GraphQL eliminates over-fetching, reduces technical debt, and accelerates feature delivery Why it's a natural fit for AI agents and future-ready architectures How it improves testing, observability, and security without forcing a backend rewrite Lessons from large-scale GraphQL implementations that every DevOps, QA, and platform engineering team should know Whether you're a developer, tester, or engineering leader, this conversation will give you practical insights to help you build faster, smarter, and with confidence. Try out SmartBear's Bugsnag for free, today. No credit card required: https://testguild.me/bugsnagfree

Nick Schrock is the founder of Dagster Labs, a data platform that helps you build, schedule, and monitor reliable data pipelines. They've raised $49M in funding from investors such as Sequoia, Index, Amplify, Slow, and 8VC. He is also the cocreator of the popular query language GraphQL. Nick's favorite books: The Great CEO Within (Author: Matt Mochary)(00:01) Introduction and Welcome(00:39) The Origins of GraphQL at Facebook(05:24) Explaining Data Orchestration in Plain English(09:03) What Dagster Is and Why It Matters(12:37) Assets vs. Tasks: A New Philosophy(16:51) Balancing Open Source and Commercial Features(22:18) Growing the Early Open Source Community(25:26) Signals of Community Health(27:59) Landing the First 10 Customers(32:25) Culture Shift: From Engineering-Heavy to Go-to-Market(37:49) Mistakes DevTool Founders Often Make(41:21) Selective Micromanagement and Leadership Style(44:36) Rapid Fire Round--------Where to find Nick Schrock: LinkedIn: https://www.linkedin.com/in/schrockn/--------Where to find Prateek Joshi: Newsletter: https://prateekjoshi.substack.com Website: https://prateekj.com LinkedIn: https://www.linkedin.com/in/prateek-joshi-infiniteX: https://x.com/prateekvjoshi 

For episode 583 of the BlockHash Podcast, host Brandon Zemp is joined by Stefan Avram, Co-founder and CCO of WunderGraph, the world’s most widely adopted open-source GraphQL Federation solution. ⏳ Timestamps: (0:00) Introduction(0:55) Who is Stefan Avram?(2:59) Tinder for Founders(3:26) What is Wundergraph?(5:20) GraphQL(5:52) Use-cases(7:44) Typical Customer(10:33) Expansion plan for Wundergraph(11:56) Tips & Advice to Founders(16:02) Wundergraph Roadmap(20:49) Wundergraph website, socials & community

The rise of AI agents is more than a tooling upgrade - it's a fundamental rewiring of the entire developer experience, with your APIs at the very center. We're joined by Matt DeBergalis, co-founder and then-CTO-now-CEO (congrats Matt!) of Apollo GraphQL, to explore this massive transformation. He introduces the emerging concept of "agent experience," explaining why systems built for human developers are not ready for the unprecedented scale of AI calling APIs.Matt argues that as the old rules of software development get re-evaluated, engineering leaders must rethink their entire stack. He presents a powerful analogy: a structured data layer like a graph is the perfect "left brain" for the "right brain" creativity of LLMs. This provides the semantic precision and guardrails needed for AI to act reliably, enabling a future where user experiences are personalized "to 11" and APIs become the core business asset. This conversation is a crucial guide for leaders on how to prepare by prioritizing higher-level system design, and why clear communication and architecture are becoming far more critical than handwriting code.Check out:The DevEx guide to AI-driven software developmentDownload: The 6 trends shaping the future of AI-driven development Follow the hosts:Follow BenFollow AndrewFollow today's guest(s):Explore Apollo GraphQL's graph infrastructure and MCP tooling: ApolloDevConnect with Matt on LinkedInConnect with Andrew Boyagi on LinkedInReferenced in today's show:Anthropic caps Claude Code usageOpenAI introduces study modeReady or not, age verification is rolling out across the internetAtlassian research: AI adoption is rising, but friction persistsSupport the show: Subscribe to our Substack Leave us a review Subscribe on YouTube Follow us on Twitter or LinkedIn Offers: Learn about Continuous Merge with gitStream Get your DORA Metrics free forever

Join our development team as we share real-world insights from recent API integration projects—including SharePoint, Shopify, QuickBooks, and Claris Connect. From handling authentication quirks to leveraging tools like Postman and n8n, this DevCast dives into the decisions, roadblocks, and solutions behind the systems we build. Whether you're navigating OAuth, working with REST vs. GraphQL, or exploring Claris Connect and workflow automation, there's something here for every FileMaker pro and API tinkerer.

Join our development team as we share real-world insights from recent API integration projects—including SharePoint, Shopify, QuickBooks, and Claris Connect. From handling authentication quirks to leveraging tools like Postman and n8n, this DevCast dives into the decisions, roadblocks, and solutions behind the systems we build. Whether you're navigating OAuth, working with REST vs. GraphQL, or exploring Claris Connect and workflow automation, there's something here for every FileMaker pro and API tinkerer.

#306: In this episode of DevOps Paradox, we delve into the role of GraphQL in modern APIs with guest Sophia Willows from Rye. They discuss the pros and cons of using GraphQL versus REST and gRPC, highlighting the efficiencies and complexities each brings to API development, especially in developer tools. They tackle common misconceptions and usage pitfalls of GraphQL, offering valuable insights into its optimal application. Sophia explains the rationale behind Rye's choice of GraphQL for public-facing APIs while opting for REST and gRPC for internal microservices, reflecting on the trade-offs between performance and flexibility. The episode also touches on the evolution of API standards and speculations on potential future innovations.   Sophia's contact information: LinkedIn: https://www.linkedin.com/in/sophia-willows/   YouTube channel: https://youtube.com/devopsparadox   Review the podcast on Apple Podcasts: https://www.devopsparadox.com/review-podcast/   Slack: https://www.devopsparadox.com/slack/   Connect with us at: https://www.devopsparadox.com/contact/

Zack Kayser, Staff Software Engineer at cars.com, joins Elixir Wizards Sundi Myint and Charles Suggs to discuss how Cars.com adopted a server-driven UI (SDUI) architecture powered by Elixir and GraphQL to deliver consistent, updatable interfaces across web, iOS, and Android. We explore why SDUI matters for feature velocity, how a mature design system and schema planning make it feasible, and what it takes, culturally and technically, to move UI logic from client code into a unified backend. Key topics discussed in this episode: SDUI fundamentals and how it differs from traditional server-side rendering GraphQL as the single source of truth for UI components and layouts Defining abstract UI components on the server to eliminate duplicate logic Leveraging a robust design system as the foundation for SDUI success API-first development and cross-team coordination for schema changes Mock data strategies for early UI feedback without breaking clients Handling breaking changes and hot-fix deployments via server-side updates Enabling flexible layouts and A/B testing through server-controlled ordering Balancing server-driven vs. client-managed UI Iterative SDUI rollout versus “big-bang” migrations in large codebases Using type specs and Dialyxir for clear cross-team communication Integration testing at the GraphQL layer to catch UI regressions early Quality engineering's role in validating server-driven interfaces Production rollback strategies across web and native platforms Considerations for greenfield projects adopting SDUI from day one Zack and Ethan's upcoming Instrumenting Elixir Apps book Links mentioned: https://cars.com https://github.com/absinthe-graphql/absinthe Telemetry & Observability for Elixir Apps Ep: https://youtu.be/1V2xEPqqCso https://www.phoenixframework.org/blog/phoenix-liveview-1.0-released https://hexdocs.pm/phoenixliveview/assigns-eex.html https://graphql.org/ https://tailwindcss.com/ https://github.com/jeremyjh/dialyxir https://github.com/rrrene/credo GraphQL Schema https://graphql.org/learn/schema/ SwiftUI https://developer.apple.com/documentation/swiftui/  Kotlin https://kotlinlang.org/ https://medium.com/airbnb-engineering/a-deep-dive-into-airbnbs-server-driven-ui-system-842244c5f5 Zack's Twitter: https://x.com/kayserzl/ Zack's LinkedIn: https://www.linkedin.com/in/zack-kayser-93b96b88  Special Guest: Zack Kayser.

API First - это просто! Просто садимся и делаем крутой API: универсальный, изящный, дико сложный в реализации и абсолютно бесполезный для использования! А как бы так, чтобы без последних двух пунктов?Спасибо всем, кто нас слушает. Ждем Ваши комментарии.Музыка из выпуска: - https://artists.landr.com/056870627229- https://t.me/angry_programmer_screamsВесь плейлист курса "Kubernetes для DotNet разработчиков": https://www.youtube.com/playlist?list=PLbxr_aGL4q3SrrmOzzdBBsdeQ0YVR3Fc7Бесплатный открытый курс "Rust для DotNet разработчиков": https://www.youtube.com/playlist?list=PLbxr_aGL4q3S2iE00WFPNTzKAARURZW1ZShownotes: 00:00:00 Вступление00:05:00 Кто должен разрабатывать спеку API?00:18:30 Spec First vs Code First vs ...00:22:30 Когда спеки не сходятся00:24:30 Ревью спеки00:30:50 Красивая API, которая никому не нужна00:33:30 Backend 4 Frontend00:45:00 Баланс согласования00:49:25 API as a product00:57:50 Регрессия01:03:20 GraphQL, OData01:19:30 Тестирование моками01:21:05 Версионирование API01:31:30 Как рекламировать спеки, витрина API01:34:00 Open Close Principle для API01:36:00 Безопасность01:39:15 API экономикаСсылки:- https://swagger.io/resources/articles/adopting-an-api-first-approach/ : Неплохая статья- https://github.com/OpenAPITools/openapi-generator : То что заставит всех использовать спеку! Видео: https://youtube.com/live/p_KIy8rTWRs Слушайте все выпуски: https://dotnetmore.mave.digitalYouTube: https://www.youtube.com/playlist?list=PLbxr_aGL4q3R6kfpa7Q8biS11T56cNMf5Twitch: https://www.twitch.tv/dotnetmoreОбсуждайте:- Telegram: https://t.me/dotnetmore_chatСледите за новостями:– Twitter: https://twitter.com/dotnetmore– Telegram channel: https://t.me/dotnetmoreCopyright: https://creativecommons.org/licenses/by-sa/4.0/

Our beloved former host, Jay Bell, stopped by this week to share what he's learned about using GraphQL to speed up development and keep code quality on point. Always a blast having him back!https://graphql.org/learn/https://www.apollographql.com/https://the-guild.dev/More about Jay: Bluesky: @jaycooperbell.dev‬LinkedIn: Jay BellX: @JayCooperBelltrellis.orghttps://graphql.org/learn/https://www.apollographql.com/https://the-guild.dev/ Follow us onX: The Angular Plus ShowBluesky: @theangularplusshow.bsky.social  The Angular Plus Show is a part of ng-conf. ng-conf is a multi-day Angular conference focused on delivering the highest quality training in the Angular JavaScript framework. Developers from across the globe converge  every year to attend talks and workshops by the Angular team and community experts.Join: http://www.ng-conf.org/Attend: https://ti.to/ng-conf/2025Follow: https://twitter.com/ngconf             https://www.linkedin.com/company/ng-conf             https://bsky.app/profile/ng-conf.bsky.social             https://www.facebook.com/ngconfofficialRead: https://medium.com/ngconfWatch: https://www.youtube.com/@ngconfonline  Edited by Patrick Hayes https://www.spoonfulofmedia.com/ Stock media provided by JUQBOXMUSIC/ Pond5

Jack Herrington, podcaster, software engineer, writer and YouTuber, joins the pod to uncover the truth behind server functions and why they don't actually exist in the web platform. We dive into the magic behind frameworks like Next.js, TanStack Start, and Remix, breaking down how server functions work, what they simplify, what they hide, and what developers need to know to build smarter, faster, and more secure web apps. Links YouTube: https://www.youtube.com/@jherr Twitter: https://x.com/jherr Github: https://github.com/jherr ProNextJS: https://www.pronextjs.dev Discord: https://discord.com/invite/KRVwpJUG6p LinkedIn: https://www.linkedin.com/in/jherr Website: https://jackherrington.com Resources Server Functions Don't Exist (It Matters) (https://www.youtube.com/watch?v=FPJvlhee04E) We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Let us know by sending an email to our producer, Em, at emily.kochanek@logrocket.com (mailto:emily.kochanek@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understanding where your users are struggling by trying it for free at LogRocket.com. Try LogRocket for free today. (https://logrocket.com/signup/?pdr) Special Guest: Jack Herrington.

Whether or not you work in a technical role, you've probably heard of APIs! But what exactly are APIs? In this episode, we explain what an API is, what they are used for, and how HTTP comes into it. Finally, we finish up by giving a brief overview of the different API protocols out there - from REST, to SOAP, to GraphQL! And in true Hot Girls Code style, we bring the tech to life with fun, relatable analogies featuring two of our favourite spots: restaurants and makeup stores.New episodes come out fortnightly on Wednesday morning (NZT).Where to Find Us: ⁠Instagram⁠ ⁠Tik Tok The Hot Girls Code Website⁠Sponsored by:Trade Me

Guests Ben Nickolls | Andrew Nesbitt Panelist Richard Littauer Show Notes In this episode of Sustain, host Richard is joined by guests Ben Nickolls and Andrew Nesbitt to discuss the ecosyste.ms project. They explore how ecosyste.ms collects and analyzes metadata from various open-source projects to create a comprehensive database that can help improve funding allocation. The discussion covers the importance of funding the most critical open-source projects, the existing gaps in funding, and the partnership between ecosyste.ms and Open Source Collective to create funding algorithms that support entire ecosystems. They also talk about the challenges of maintaining data, reaching out to project maintainers, and the broader implications for the open-source community. Hit the download button now! [00:01:58] Andrew and Ben explain ecosyste.ms, what it does, and how it compares to Libraries.io. [00:04:59] Ecosyste.ms tracks metadata, not the packages themselves, and enriches data via dependency graphs, committers, issues, SBOMs, and more. [00:06:54] Andrew talks about finding 1,890 Git hosts and how many critical projects live outside GitHub. [00:08:37] There's a conversation on metadata uses and SBOM parsing. [00:12:49] Richard inquires about the ecosystem.ms funds on their website which Andrew explains it's a collaboration between Open Collective and ecosyste.ms. that algorithmically distributes funds to the most used, not most popular packages. [00:15:45] Ben shares how this is different from previous projects and brings up a past project, “Back Your Stack” and explains how ecosyste.ms is doing two things differently. [00:18:59] Ben explains how it supports payouts to other platforms and encourages maintainers to adopt funding YAML files for automation. Andrew touches on efficient outreach, payout management, and API usage (GraphQL). [00:25:36] Ben elaborates on how companies can fund ecosyste.ms (like Django) instead of curating their own lists and being inspired by Sentry's work with the Open Source Pledge. [00:29:32] Andrew speaks about scaling and developer engagement and emphasizes their focus is on high-impact sustainability. [00:32:48] Richard asks, “Why does it matter?” Ben explains that most current funding goes to popular, not most used projects and ecosyste.ms aims to fix the gap with data backed funding, and he suggests use of open standards like 360Giving and Open Contracting Data. [00:35:46] Andrew shares his thoughts on funding the right projects by improving 1% of OSS, you uplift the quality of millions of dependent projects with healthier infrastructure, faster security updates, and more resilient software. [00:38:35] Find out where you can follow ecosyste.ms and the blog on the web. Quotes [00:11:18] “I call them interesting forks. If a fork is referenced by a package, it'll get indexed.” [00:22:07] We've built a service that now moves like $25 million a year between OSS maintainers on OSC.” [00:33:23] “We don't have enough information to make collective decisions about which projects, communities, maintainers, should receive more funding.” [00:34:23] “The NSF POSE Program has distributed hundreds of millions of dollars of funding to open source communities alone.” [00:35:47] “If you have ten, twenty thousand really critical open source projects, that actually isn't unachievable to make those projects sustainable.” Spotlight [00:39:35] Ben's spotlight is Jellyfin. [00:40:20] Andrew's spotlight is zizmor. [00:42:21] Richard's spotlight is The LaTeX Project. Links SustainOSS (https://sustainoss.org/) podcast@sustainoss.org (mailto:podcast@sustainoss.org) richard@sustainoss.org (mailto:richard@sustainoss.org) SustainOSS Discourse (https://discourse.sustainoss.org/) SustainOSS Mastodon (https://mastodon.social/tags/sustainoss) SustainOSS Bluesky (https://bsky.app/profile/sustainoss.bsky.social) SustainOSS LinkedIn (https://www.linkedin.com/company/sustainoss/) Open Collective-SustainOSS (Contribute) (https://opencollective.com/sustainoss) Richard Littauer Socials (https://www.burntfen.com/2023-05-30/socials) Ben Nickolls LinkedIn (https://www.linkedin.com/in/benjamuk/) Andrew Nesbitt Website (https://nesbitt.io/) Andrew Nesbitt Mastodon (https://mastodon.social/@andrewnez) Octobox (https://github.com/octobox) ecosyste.ms (https://ecosyste.ms/) ecosyste.ms Blog (https://blog.ecosyste.ms/) Open Source Collective (https://oscollective.org/) Open Source Collective Updates (https://opencollective.com/opensource/updates) Open Source Collective Contributions (https://opencollective.com/opensource) Open Source Collective Contributors (https://opencollective.com/open-source) Open Collective (https://opencollective.com/) 24 Pull Requests (https://24pullrequests.com/) Libraries.io (https://libraries.io/) The penumbra of open source (EPJ Data Science) (https://epjdatascience.springeropen.com/articles/10.1140/epjds/s13688-022-00345-7) FOSDEM '25- Open source funding: you're doing it wrong (Andrew and Ben) (https://fosdem.org/2025/schedule/event/fosdem-2025-5576-open-source-funding-you-re-doing-it-wrong/) Vue.js (https://vuejs.org/) thanks.dev (https://thanks.dev/home) StackAid (https://www.stackaid.us/) Back Your Stack (https://backyourstack.com/) NSF POSE (https://www.nsf.gov/funding/initiatives/pathways-enable-open-source-ecosystems) Django (https://www.djangoproject.com/) GitHub Sponsors (https://github.com/sponsors) Sustain Podcast-Episode 80: Emma Irwin and the Foss Fund Program (https://podcast.sustainoss.org/80) Sustain Podcast- 3 Episodes featuring Chad Whitacre (https://podcast.sustainoss.org/guests/chad-whitacre) Sustain Podcast- Episode 218: Karthik Ram & James Howison on Research Software Visibility Infrastructure Priorities (https://podcast.sustainoss.org/218) Sustain Podcast-Episode 247: Chad Whitacre on the Open Source Pledge (https://podcast.sustainoss.org/247) Invest in Open Infrastructure (https://investinopen.org/) 360Giving (https://www.360giving.org/) Open Contracting Data Standard (https://standard.open-contracting.org/latest/en/) Jellyfin (https://opencollective.com/jellyfin) zizmor (https://github.com/zizmorcore/zizmor) The LaTeX Project (https://www.latex-project.org/) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guests: Andrew Nesbitt and Benjamin Nickolls.

Swimming against the current sometimes leads to unexpected treasures. In this fascinating conversation, Adam Fortuna reveals how migrating Hardcover—a social network for readers with 30,000 users—from Next.js back to Ruby on Rails delivered surprising performance improvements and development simplicity.The journey begins with Adam explaining how Hardcover originated as a response to Goodreads shutting down their API. As a longtime Rails developer who initially chose Next.js for its server-side rendering capabilities, Adam found himself drawn back to Rails once modern tools made it viable to combine Rails' backend strengths with React's frontend interactivity. The migration wasn't a complete rewrite—they preserved their React components while replacing GraphQL with ActiveRecord—and unexpectedly saw significant improvements in page load speeds and SEO rankings.At the heart of this technical evolution is Inertia.js, which Adam describes as "the missing piece for Rails for a long time." This elegant solution allows direct connections between Rails controllers and React components without duplicating routes, creating a seamless developer experience. We dive into the challenges they faced, particularly with generating Open Graph images and handling API abuse, and how they solved these problems with pragmatic hybrid approaches.The conversation takes an exciting turn as Adam discusses their work on book recommendation engines, combining collaborative filtering with content analysis to help readers discover their next favorite book. As someone currently enjoying the Dungeon Crawler Carl series (described as "RPG mixed with Hitchhiker's Guide"), Adam's passion for both books and elegant technical solutions shines throughout.Listen in as we explore how going against conventional wisdom sometimes leads to better outcomes, and discover why Hardcover is now being open-sourced to invite community collaboration. Whether you're interested in Rails, JavaScript frameworks, or book recommendations, this episode offers valuable insights into making technical decisions based on real-world results rather than following trends.Linkshttps://hardcover.app/blog/part-1-how-we-fell-out-of-love-with-next-js-and-back-in-love-with-ruby-on-rails-inertia-jshttps://adamfortuna.com/https://bsky.app/profile/adamfortuna.comSend us some love.HoneybadgerHoneybadger is an application health monitoring tool built by developers for developers.JudoscaleAutoscaling that actually works. Take control of your cloud hosting.Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.Support the show

Episode SummaryJeremy Snyder is the co-founder and CEO of FireTail, a company that enables organizations to adopt AI safely without sacrificing speed or innovation. In this conversation, Jeremy shares his deep expertise in API and AI security, highlighting the second wave of cloud adoption and his pivotal experiences at AWS during key moments in its growth from startup onwards.Show NotesIn this episode of The Secure Developer, host Danny Allan sits down with Jeremy Snyder, the Co-founder and CEO of FireTail, to unravel the complexities of API security and explore its critical intersection with the burgeoning field of Artificial Intelligence. Jeremy brings a wealth of experience, tracing his journey from early days in computational linguistics and IT infrastructure, through a pivotal period at AWS during its startup phase, to eventually co-founding FireTail to address the escalating challenges in API security driven by modern, decoupled software architectures.The conversation dives deep into the common pitfalls and crucial best practices for securing APIs. Jeremy clearly distinguishes between authentication (verifying identity) and authorization (defining permissions), emphasizing that failures in authorization are a leading cause of API-related data breaches. He sheds light on vulnerabilities like Broken Object-Level Authorization (BOLA), explaining how seemingly innocuous practices like using sequential integer IDs can expose entire datasets if server-side checks are missed. The discussion also touches on the discoverability of backend APIs and the persistent challenges surrounding multi-factor authentication, including the human element in security weaknesses like SIM swapping.Looking at current trends, Jeremy shares insights from FireTail's ongoing research, including their annual "State of API Security" report, which has uncovered novel attack vectors such as attempts to deploy malware via API calls. A significant portion of the discussion focuses on the new frontier of AI security, where APIs serve as the primary conduit for interaction—and potential exploitation. Jeremy details how AI systems and LLM integrations introduce new risks, citing a real-world example of how a vulnerability in an AI's web crawler API could be leveraged for DDoS attacks. He speculates on the future evolution of APIs, suggesting that technologies like GraphQL might become more prevalent to accommodate the non-deterministic and data-hungry nature of AI agents. Despite the evolving threats, Jeremy concludes with an optimistic view, noting that the gap between business adoption of new technologies and security teams' responses is encouragingly shrinking, leading to more proactive and integrated security practices.LinksFireTailRapid7Snyk - The Developer Security Company Follow UsOur WebsiteOur LinkedIn

React Core team member Dan Abramov joins us to explore "JSX over the wire" and the evolving architecture of React Server Components. We dive into the shift from traditional REST APIs to screen-specific data shaping, the concept of Backend for Frontend (BFF), and why centering UI around the user experience—not server/client boundaries—matters more than ever. Links https://danabra.mov https://github.com/gaearon https://bsky.app/profile/danabra.mov https://overreacted.io https://www.youtube.com/@danabramov Resources JSX Over The Wire: https://overreacted.io/jsx-over-the-wire/ Impossible Components: https://overreacted.io/impossible-components/ What Does "use client" Do?: https://overreacted.io/what-does-use-client-do/ Our Journey With Caching: https://nextjs.org/blog/our-journey-with-caching https://parceljs.org https://nextjs.org/docs/app We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Let us know by sending an email to our producer, Emily, at emily.kochanekketner@logrocket.com (mailto:emily.kochanekketner@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understand where your users are struggling by trying it for free at [LogRocket.com]. Try LogRocket for free today.(https://logrocket.com/signup/?pdr) Special Guest: Dan Abramov.

We are happy to announce that there will be a dedicated MCP track at the 2025 AI Engineer World's Fair, taking place Jun 3rd to 5th in San Francisco, where the MCP core team and major contributors and builders will be meeting. Join us and apply to speak or sponsor!When we first wrote Why MCP Won, we had no idea how quickly it was about to win.In the past 4 weeks, OpenAI and now Google have now announced the MCP support, effectively confirming our prediction that MCP was the presumptive winner of the agent standard wars. MCP has now overtaken OpenAPI, the incumbent option and most direct alternative, in GitHub stars (3 months ahead of conservative trendline):We have explored the state of MCP at AIE (now the first ever >100k views workshop):And since then, we've added a 7th reason why MCP won - this team acts very quickly on feedback, with the 2025-03-26 spec update adding support for stateless/resumable/streamable HTTP transports, and comprehensive authz capabilities based on OAuth 2.1.This bodes very well for the future of the community and project. For protocol and history nerds, we also asked David and Justin to tell the origin story of MCP, which we leave to the reader to enjoy (you can also skim the transcripts, or, the changelogs of a certain favored IDE). It's incredible the impact that individual engineers solving their own problems can have on an entire industry.Full video episodeLike and subscribe on YouTube!Show Links* David* Justin* MCP* Why MCP WonTimestamps* 00:00 Introduction and Guest Welcome* 00:37 What is MCP?* 02:00 The Origin Story of MCP* 05:18 Development Challenges and Solutions* 08:06 Technical Details and Inspirations* 29:45 MCP vs Open API* 32:48 Building MCP Servers* 40:39 Exploring Model Independence in LLMs* 41:36 Building Richer Systems with MCP* 43:13 Understanding Agents in MCP* 45:45 Nesting and Tool Confusion in MCP* 49:11 Client Control and Tool Invocation* 52:08 Authorization and Trust in MCP Servers* 01:01:34 Future Roadmap and Stateless Servers* 01:10:07 Open Source Governance and Community Involvement* 01:18:12 Wishlist and Closing RemarksTranscriptAlessio [00:00:02]: Hey, everyone. Welcome back to Latent Space. This is Alessio, partner and CTO at Decibel, and I'm joined by my co-host Swyx, founder of Small AI.swyx [00:00:10]: Hey, morning. And today we have a remote recording, I guess, with David and Justin from Anthropic over in London. Welcome. Hey, good You guys have created a storm of hype because of MCP, and I'm really glad to have you on. Thanks for making the time. What is MCP? Let's start with a crisp what definition from the horse's mouth, and then we'll go into the origin story. But let's start off right off the bat. What is MCP?Justin/David [00:00:43]: Yeah, sure. So Model Context Protocol, or MCP for short, is basically something we've designed to help AI applications extend themselves or integrate with an ecosystem of plugins, basically. The terminology is a bit different. We use this client-server terminology, and we can talk about why that is and where that came from. But at the end of the day, it really is that. It's like extending and enhancing the functionality of AI application.swyx [00:01:05]: David, would you add anything?Justin/David [00:01:07]: Yeah, I think that's actually a good description. I think there's like a lot of different ways for how people are trying to explain it. But at the core, I think what Justin said is like extending AI applications is really what this is about. And I think the interesting bit here that I want to highlight, it's AI applications and not models themselves that this is focused on. That's a common misconception that we can talk about a bit later. But yeah. Another version that we've used and gotten to like is like MCP is kind of like the USB-C port of AI applications and that it's meant to be this universal connector to a whole ecosystem of things.swyx [00:01:44]: Yeah. Specifically, an interesting feature is, like you said, the client and server. And it's a sort of two-way, right? Like in the same way that said a USB-C is two-way, which could be super interesting. Yeah, let's go into a little bit of the origin story. There's many people who've tried to make statistics. There's many people who've tried to build open source. I think there's an overall, also, my sense is that Anthropic is going hard after developers in the way that other labs are not. And so I'm also curious if there was any external influence or was it just you two guys just in a room somewhere riffing?Justin/David [00:02:18]: It is actually mostly like us two guys in a room riffing. So this is not part of a big strategy. You know, if you roll back time a little bit and go into like July 2024. I was like, started. I started at Anthropic like three months earlier or two months earlier. And I was mostly working on internal developer tooling, which is what I've been doing for like years and years before. And as part of that, I think there was an effort of like, how do I empower more like employees at Anthropic to use, you know, to integrate really deeply with the models we have? Because we've seen these, like, how good it is, how amazing it will become even in the future. And of course, you know, just dogfoot your own model as much as you can. And as part of that. From my development tooling background, I quickly got frustrated by the idea that, you know, on one hand side, I have Cloud Desktop, which is this amazing tool with artifacts, which I really enjoyed. But it was very limited to exactly that feature set. And it was there was no way to extend it. And on the other hand side, I like work in IDEs, which could greatly like act on like the file system and a bunch of other things. But then they don't have artifacts or something like that. And so what I constantly did was just copy. Things back and forth on between Cloud Desktop and the IDE, and that quickly got me, honestly, just very frustrated. And part of that frustration wasn't like, how do I go and fix this? What, what do we need? And back to like this development developer, like focus that I have, I really thought about like, well, I know how to build all these integrations, but what do I need to do to let these applications let me do this? And so it's very quickly that you see that this is clearly like an M times N problem. Like you have multiple like applications. And multiple integrations you want to build and like, what that is better there to fix this than using a protocol. And at the same time, I was actually working on an LSP related thing internally that didn't go anywhere. But you put these things together in someone's brain and let them wait for like a few weeks. And out of that comes like the idea of like, let's build some, some protocol. And so back to like this little room, like it was literally just me going to a room with Justin and go like, I think we should build something like this. Uh, this is a good idea. And Justin. Lucky for me, just really took an interest in the idea, um, and, and took it from there to like, to, to build something, together with me, that's really the inception story is like, it's us to, from then on, just going and building it over, over the course of like, like a month and a half of like building the protocol, building the first integration, like Justin did a lot of the, like the heavy lifting of the first integrations in cloud desktop. I did a lot of the first, um, proof of concept of how this can look like in an IDE. And if you, we could talk about like some of. All the tidbits you can find way before the inception of like before the official release, if you were looking at the right repositories at the right time, but there you go. That's like some of the, the rough story.Alessio [00:05:12]: Uh, what was the timeline when, I know November 25th was like the official announcement date. When did you guys start working on it?Justin/David [00:05:19]: Justin, when did we start working on that? I think it, I think it was around July. I think, yeah, I, as soon as David pitched this initial idea, I got excited pretty quickly and we started working on it, I think. I think almost immediately after that conversation and then, I don't know, it was a couple, maybe a few months of, uh, building the really unrewarding bits, if we're being honest, because for, for establishing something that's like this communication protocol has clients and servers and like SDKs everywhere, there's just like a lot of like laying the groundwork that you have to do. So it was a pretty, uh, that was a pretty slow couple of months. But then afterward, once you get some things talking over that wire, it really starts to get exciting and you can start building. All sorts of crazy things. And I think this really came to a head. And I don't remember exactly when it was, maybe like approximately a month before release, there was an internal hackathon where some folks really got excited about MCP and started building all sorts of crazy applications. I think the coolest one of which was like an MCP server that can control a 3d printer or something. And so like, suddenly people are feeling this power of like cloud connecting to the outside world in a really tangible way. And that, that really added some, uh, some juice to us and to the release.Alessio [00:06:32]: Yeah. And we'll go into the technical details, but I just want to wrap up here. You mentioned you could have seen some things coming if you were looking in the right places. We always want to know what are the places to get alpha, how, how, how to find MCP early.Justin/David [00:06:44]: I'm a big Zed user. I liked the Zed editor. The first MCP implementation on an IDE was in Zed. It was written by me and it was there like a month and a half before the official release. Just because we needed to do it in the open because it's an open source project. Um, and so it was, it was not, it was named slightly differently because we. We were not set on the name yet, but it was there.swyx [00:07:05]: I'm happy to go a little bit. Anthropic also had some preview of a model with Zed, right? Some kind of fast editing, uh, model. Um, uh, I, I'm con I confess, you know, I'm a cursor windsurf user. Haven't tried Zed. Uh, what's, what's your, you know, unrelated or, you know, unsolicited two second pitch for, for Zed. That's a good question.Justin/David [00:07:28]: I, it really depends what you value in editors. For me. I, I wouldn't even say I like, I love Zed more than others. I like them all like complimentary in, in a way or another, like I do use windsurf. I do use Zed. Um, but I think my, my main pitch for Zed is low latency, super smooth experience editor with a decent enough AI integration.swyx [00:07:51]: I mean, and maybe, you know, I think that's, that's all it is for a lot of people. Uh, I think a lot of people obviously very tied to the VS code paradigm and the extensions that come along with it. Okay. So I wanted to go back a little bit. You know, on, on, on some of the things that you mentioned, Justin, uh, which was building MCP on paper, you know, obviously we only see the end result. It just seems inspired by LSP. And I, I think both of you have acknowledged that. So how much is there to build? And when you say build, is it a lot of code or a lot of design? Cause I felt like it's a lot of design, right? Like you're picking JSON RPC, like how much did you base off of LSP and, and, you know, what, what, what was the sort of hard, hard parts?Justin/David [00:08:29]: Yeah, absolutely. I mean, uh, we, we definitely did take heavy inspiration from LSP. David had much more prior experience with it than I did working on developer tools. So, you know, I've mostly worked on products or, or sort of infrastructural things. LSP was new to me. But as a, as a, like, or from design principles, it really makes a ton of sense because it does solve this M times N problem that David referred to where, you know, in the world before LSP, you had all these different IDEs and editors, and then all these different languages that each wants to support or that their users want them to support. And then everyone's just building like one. And so, like, you use Vim and you might have really great support for, like, honestly, I don't know, C or something, and then, like, you switch over to JetBrains and you have the Java support, but then, like, you don't get to use the great JetBrains Java support in Vim and you don't get to use the great C support in JetBrains or something like that. So LSP largely, I think, solved this problem by creating this common language that they could all speak and that, you know, you can have some people focus on really robust language server implementations, and then the IDE developers can really focus on that side. And they both benefit. So that was, like, our key takeaway for MCP is, like, that same principle and that same problem in the space of AI applications and extensions to AI applications. But in terms of, like, concrete particulars, I mean, we did take JSON RPC and we took this idea of bidirectionality, but I think we quickly took it down a different route after that. I guess there is one other principle from LSP that we try to stick to today, which is, like, this focus on how features manifest. More than. The semantics of things, if that makes sense. David refers to it as being presentation focused, where, like, basically thinking and, like, offering different primitives, not because necessarily the semantics of them are very different, but because you want them to show up in the application differently. Like, that was a key sort of insight about how LSP was developed. And that's also something we try to apply to MCP. But like I said, then from there, like, yeah, we spent a lot of time, really a lot of time, and we could go into this more separately, like, thinking about each of the primitives that we want to offer in MCP. And why they should be different, like, why we want to have all these different concepts. That was a significant amount of work. That was the design work, as you allude to. But then also already out of the gate, we had three different languages that we wanted to at least support to some degree. That was TypeScript, Python, and then for the Z integration, it was Rust. So there was some SDK building work in those languages, a mixture of clients and servers to build out to try to create this, like, internal ecosystem that we could start playing with. And then, yeah, I guess just trying to make everything, like, robust over, like, I don't know, this whole, like, concept that we have for local MCP, where you, like, launch subprocesses and stuff and making that robust took some time as well. Yeah, maybe adding to that, I think the LSP inference goes even a little bit further. Like, we did take actually quite a look at criticisms on LSP, like, things that LSP didn't do right and things that people felt they would love to have different and really took that to heart to, like, see, you know, what are some of the things. that we wish, you know, we should do better. We took a, you know, like, a lengthy, like, look at, like, their very unique approach to JSON RPC, I may say, and then we decided that this is not what we do. And so there's, like, these differences, but it's clearly very, very inspired. Because I think when you're trying to build and focus, if you're trying to build something like MCP, you kind of want to pick the areas you want to innovate in, but you kind of want to be boring about the other parts in pattern matching LSP. So the problem allows you to be boring in a lot of the core pieces that you want to be boring in. Like, the choice of JSON RPC is very non-controversial to us because it's just, like, it doesn't matter at all, like, what the action, like, bites on the bar that you're speaking. It makes no difference to us. The innovation is on the primitives you choose and these type of things. And so there's way more focus on that that we wanted to do. So having some prior art is good there, basically.swyx [00:12:26]: It does. I wanted to double click. I mean, there's so many things you can go into. Obviously, I am passionate about protocol design. I wanted to show you guys this. I mean, I think you guys know, but, you know, you already referred to the M times N problem. And I can just share my screen here about anyone working in developer tools has faced this exact issue where you see the God box, basically. Like, the fundamental problem and solution of all infrastructure engineering is you have things going to N things, and then you put the God box and they'll all be better, right? So here is one problem for Uber. One problem for... GraphQL, one problem for Temporal, where I used to work at, and this is from React. And I was just kind of curious, like, you know, did you solve N times N problems at Facebook? Like, it sounds like, David, you did that for a living, right? Like, this is just N times N for a living.Justin/David [00:13:16]: David Pérez- Yeah, yeah. To some degree, for sure. I did. God, what a good example of this, but like, I did a bunch of this kind of work on like source control systems and these type of things. And so there were a bunch of these type of problems. And so you just shove them into something that everyone can read from and everyone can write to, and you build your God box somewhere, and it works. But yeah, it's just in developer tooling, you're absolutely right. In developer tooling, this is everywhere, right?swyx [00:13:47]: And that, you know, it shows up everywhere. And what was interesting is I think everyone who makes the God box then has the same set of problems, which is also you now have like composability off and remotes versus local. So, you know, there's this very common set of problems. So I kind of want to take a meta lesson on how to do the God box, but, you know, we can talk about the sort of development stuff later. I wanted to double click on, again, the presentation that Justin mentioned of like how features manifest and how you said some things are the same, but you just want to reify some concepts so they show up differently. And I had that sense, you know, when I was looking at the MCP docs, I'm like, why do these two things need to be the difference in other? I think a lot of people treat tool calling as the solution to everything, right? And sometimes you can actually sort of view kinds of different kinds of tool calls as different things. And sometimes they're resources. Sometimes they're actually taking actions. Sometimes they're something else that I don't really know yet. But I just want to see, like, what are some things that you sort of mentally group as adjacent concepts and why were they important to you to emphasize?Justin/David [00:14:58]: Yeah, I can chat about this a bit. I think fundamentally we every sort of primitive that we thought through, we thought from the perspective of the application developer first, like if I'm building an application, whether it is an IDE or, you know, call a desktop or some agent interface or whatever the case may be, what are the different things that I would want to receive from like an integration? And I think once you take that lens, it becomes quite clear that that tool calling is necessary, but very insufficient. Like there are many other things you would want to do besides just get tools. And plug them into the model and you want to have some way of differentiating what those different things are. So the kind of core primitives that we started MCP with, we've since added a couple more, but the core ones are really tools, which we've already talked about. It's like adding, adding tools directly to the model or function calling is sometimes called resources, which is basically like bits of data or context that you might want to add to the context. So excuse me, to the, to the model context. And this, this is the first primitive where it's like, we, we. Decided this could be like application controlled, like maybe you want a model to automatically search through and, and find relevant resources and bring them into context. But maybe you also want that to be an explicit UI affordance in the application where the user can like, you know, pick through a dropdown or like a paperclip menu or whatever, and find specific things and tag them in. And then that becomes part of like their message to the LLM. Like those are both use cases for resources. And then the third one is prompts. Which are deliberately meant to be like user initiated or. Like. User substituted. Text or messages. So like the analogy here would be like, if you're an editor, like a slash command or something like that, or like an at, you know, auto completion type thing where it's like, I have this kind of macro effectively that I want to drop in and use. And we have sort of expressed opinions through MCP about the different ways that these things could manifest, but ultimately it is for application developers to decide, okay, you, you get these different concepts expressed differently. Um, and it's very useful as an application developer because you can decide. The appropriate experience for each, and actually this can be a point of differentiation to, like, we were also thinking, you know, from the application developer perspective, they, you know, application developers don't want to be commoditized. They don't want the application to end up the same as every other AI application. So like, what are the unique things that they could do to like create the best user experience even while connecting up to this big open ecosystem of integration? I, yeah. And I think to add to that, the, I think there are two, two aspects to that, that I want to. I want to mention the first one is that interestingly enough, like while nowadays tool calling is obviously like probably like 95% plus of the integrations, and I wish there would be, you know, more clients doing tool resources, doing prompts. The, the very first implementation in that is actually a prompt implementation. It doesn't deal with tools. And, and it, we found this actually quite useful because what it allows you to do is, for example, build an MCP server that takes like a backtrack. So it's, it's not necessarily like a tool that literally just like rawizes from Sentry or any other like online platform that, that tracks your, your crashes. And just lets you pull this into the context window beforehand. And so it's quite nice that way that it's like a user driven interaction that you does the user decide when to pull this in and don't have to wait for the model to do it. And so it's a great way to craft the prompt in a way. And I think similarly, you know, I wish, you know, more MCP servers today would bring prompts as examples of, like how to even use the tools. Yeah. at the same time. The resources bits are quite interesting as well. And I wish we would see more usage there because it's very easy to envision, but yet nobody has really implemented it. A system where like an MCP server exposes, you know, a set of documents that you have, your database, whatever you might want to as a set of resources. And then like a client application would build a full rack index around this, right? This is definitely an application use case we had in mind as to why these are exposed in such a way that they're not model driven, because you might want to have way more resource content than is, you know, realistically usable in a context window. And so I think, you know, I wish applications and I hope applications will do this in the next few months, use these primitives, you know, way better, because I think there's way more rich experiences to be created that way. Yeah, completely agree with that. And I would also add that I would go into it if I haven't.Alessio [00:19:30]: I think that's a great point. And everybody just, you know, has a hammer and wants to do tool calling on everything. I think a lot of people do tool calling to do a database query. They don't use resources for it. What are like the, I guess, maybe like pros and cons or like when people should use a tool versus a resource, especially when it comes to like things that do have an API interface, like for a database, you can do a tool that does a SQL query versus when should you do that or a resource instead with the data? Yeah.Justin/David [00:20:00]: The way we separate these is like tools are always meant to be initiated by the model. It's sort of like at the model's discretion that it will like find the right tool and apply it. So if that's the interaction you want as a server developer, where it's like, okay, this, you know, suddenly I've given the LLM the ability to run a SQL queries, for example, that makes sense as a tool. But resources are more flexible, basically. And I think, to be completely honest, the story here is practically a bit complicated today. Because many clients don't support resources yet. But like, I think in an ideal world where all these concepts are fully realized, and there's like full ecosystem support, you would do resources for things like the schemas of your database tables and stuff like that, as a way to like either allow the user to say like, okay, now, you know, cloud, I want to talk to you about this database table. Here it is. Let's have this conversation. Or maybe the particular AI application that you're using, like, you know, could be something agentic, like cloud code. is able to just like agentically look up resources and find the right schema of the database table you're talking about, like both those interactions are possible. But I think like, anytime you have this sort of like, you want to list a bunch of entities, and then read any of them, that makes sense to model as resources. Resources are also, they're uniquely identified by a URI, always. And so you can also think of them as like, you know, sort of general purpose transformers, even like, if you want to support an interaction where a user just like drops a URI in, and then you like automatically figure out how to interpret that, you could use MCP servers to do that interpretation. One of the interesting side notes here, back to the Z example of resources, is that has like a prompt library that you can do, that people can interact with. And we just exposed a set of default prompts that we want everyone to have as part of that prompt library. Yeah, resources for a while so that like, you boot up Zed and Zed will just populate the prompt library from an MCP server, which was quite a cool interaction. And that was, again, a very specific, like, both sides needed to agree upon the URI format and the underlying data format. And but that was a nice and kind of like neat little application of resources. There's also going back to that perspective of like, as an application developer, what are the things that I would want? Yeah. We also applied this thinking to like, you know, like, we can do this, we can do this, we can do this, we can do this. Like what existing features of applications could conceivably be kind of like factored out into MCP servers if you were to take that approach today. And so like basically any IDE where you have like an attachment menu that I think naturally models as resources. It's just, you know, those implementations already existed.swyx [00:22:49]: Yeah, I think the immediate like, you know, when you introduced it for cloud desktop and I saw the at sign there, I was like, oh, yeah, that's what Cursor has. But this is for everyone else. And, you know, I think like that that is a really good design target because it's something that already exists and people can map on pretty neatly. I was actually featuring this chart from Mahesh's workshop that presumably you guys agreed on. I think this is so useful that it should be on the front page of the docs. Like probably should be. I think that's a good suggestion.Justin/David [00:23:19]: Do you want to do you want to do a PR for this? I love it.swyx [00:23:21]: Yeah, do a PR. I've done a PR for just Mahesh's workshop in general, just because I'm like, you know. I know.SPEAKER_03 [00:23:28]: I approve. Yeah.swyx [00:23:30]: Thank you. Yeah. I mean, like, but, you know, I think for me as a developer relations person, I always insist on having a map for people. Here are all the main things you have to understand. We'll spend the next two hours going through this. So some one image that kind of covers all this, I think is pretty helpful. And I like your emphasis on prompts. I would say that it's interesting that like I think, you know, in the earliest early days of like chat GPT and cloud, people. Often came up with, oh, you can't really follow my screen, can you? In the early days of chat of, of chat, GPT and all that, like a lot, a lot of people started like, you know, GitHub for prompts, like we'll do prop manager libraries and, and like those never really took off. And I think something like this is helpful and important. I would say like, I've also seen prompt file from human loop, I think, as, as other ways to standardize how people share prompts. But yeah, I agree that like, there should be. There should be more innovation here. And I think probably people want some dynamicism, which I think you, you afford, you allow for. And I like that you have multi-step that this was, this is the main thing that got me like, like these guys really get it. You know, I think you, you maybe have a published some research that says like, actually sometimes to get, to get the model working the right way, you have to do multi-step prompting or jailbreaking to, to, to behave the way that you want. And so I think prompts are not just single conversations. They're sometimes chains of conversations. Yeah.Alessio [00:25:05]: Another question that I had when I was looking at some server implementations, the server builders kind of decide what data gets eventually returned, especially for tool calls. For example, the Google maps one, right? If you just look through it, they decide what, you know, attributes kind of get returned and the user can not override that if there's a missing one. That has always been my gripe with like SDKs in general, when people build like API wrapper SDKs. And then they miss one parameter that maybe it's new and then I can not use it. How do you guys think about that? And like, yeah, how much should the user be able to intervene in that versus just letting the server designer do all the work?Justin/David [00:25:41]: I think we probably bear responsibility for the Google maps one, because I think that's one of the reference servers we've released. I mean, in general, for things like for tool results in particular, we've actually made the deliberate decision, at least thus far, for tool results to be not like sort of structured JSON data, not matching a schema, really, but as like a text or images or basically like messages that you would pass into the LLM directly. And so I guess the correlation that is, you really should just return a whole jumble of data and trust the LLM to like sort through it and see. I mean, I think we've clearly done a lot of work. But I think we really need to be able to shift and like, you know, extract the information it cares about, because that's what that's exactly what they excel at. And we really try to think about like, yeah, how to, you know, use LLMs to their full potential and not maybe over specify and then end up with something that doesn't scale as LLMs themselves get better and better. So really, yeah, I suppose what should be happening in this example server, which again, will request welcome. It would be great. It's like if all these result types were literally just passed through from the API that it's calling, and then the API would be able to pass through automatically.Alessio [00:26:50]: Thank you for joining us.Alessio [00:27:19]: It's a hard to sign decisions on where to draw the line.Justin/David [00:27:22]: I'll maybe throw AI under the bus a little bit here and just say that Claude wrote a lot of these example servers. No surprise at all. But I do think, sorry, I do think there's an interesting point in this that I do think people at the moment still to mostly still just apply their normal software engineering API approaches to this. And I think we're still need a little bit more relearning of how to build something for LLMs and trust them, particularly, you know, as they are getting significantly better year to year. Right. And I think, you know, two years ago, maybe that approach would have been very valid. But nowadays, just like just throw data at that thing that is really good at dealing with data is a good approach to this problem. And I think it's just like unlearning like 20, 30, 40 years of software engineering practices that go a little bit into this to some degree. If I could add to that real quickly, just one framing as well for MCP is thinking in terms of like how crazily fast AI is advancing. I mean, it's exciting. It's also scary. Like thinking, us thinking that like the biggest bottleneck to, you know, the next wave of capabilities for models might actually be their ability to like interact with the outside world to like, you know, read data from outside data sources or like take stateful actions. Working at Anthropic, we absolutely care about doing that. Safely and with the right control and alignment measures in place and everything. But also as AI gets better, people will want that. That'll be key to like becoming productive with AI is like being able to connect them up to all those things. So MCP is also sort of like a bet on the future and where this is all going and how important that will be.Alessio [00:29:05]: Yeah. Yeah, I would say any API attribute that says formatted underscore should kind of be gone and we should just get the raw data from all of them. Because why, you know, why are you formatting? For me, the, the model is definitely smart enough to format an address. So I think that should go to the end user.swyx [00:29:23]: Yeah. I have, I think Alessio is about to move on to like server implementation. I wanted to, I think we were talking, we're still talking about sort of MCP design and goals and intentions. And we've, I think we've indirectly identified like some problems that MCP is really trying to address. But I wanted to give you the spot to directly take on MCP versus open API, because I think obviously there's a, this is a top question. I wanted to sort of recap everything we just talked about and give people a nice little segment that, that people can say, say, like, this is a definitive answer on MCP versus open API.Justin/David [00:29:56]: Yeah, I think fundamentally, I mean, open API specifications are a very great tool. And like I've used them a lot in developing APIs and consumers of APIs. I think fundamentally, or we think that they're just like too granular for what you want to do with LLMs. Like they don't express higher level AI specific concepts like this whole mental model. Yeah. But we've talked about with the primitives of MCP and thinking from the perspective of the application developer, like you don't get any of that when you encode this information into an open API specification. So we believe that models will benefit more from like the purpose built or purpose design tools, resources, prompts, and the other primitives than just kind of like, here's our REST API, go wild. I do think there, there's another aspect. I think that I'm not an open API expert, so I might, everything might not be perfectly accurate. But I do think that we're... Like there's been, and we can talk about this a bit more later. There's a deliberate design decision to make the protocol somewhat stateful because we do really believe that AI applications and AI like interactions will become inherently more stateful and that we're the current state of like, like need for statelessness is more a temporary point in time that will, you know, to some degree that will always exist. But I think like more statefulness will become increasingly more popular, particularly when you think about additional modalities that go beyond just pure text-based, you know, interactions with models, like it might be like video, audio, whatever other modalities exist and out there already. And so I do think that like having something a bit more stateful is just inherently useful in this interaction pattern. I do think they're actually more complimentary open API and MCP than if people wanted to make it out. Like people look. For these, like, you know, A versus B and like, you know, have, have all the, all the developers of these things go in a room and fist fight it out. But that's rarely what's going on. I think it's actually, they're very complimentary and they have their little space where they're very, very strong. And I think, you know, just use the best tool for the job. And if you want to have a rich interaction between an AI application, it's probably like, it's probably MCP. That's the right choice. And if, if you want to have like an API spec somewhere that is very easy and like a model can read. And to interpret, and that's what, what worked for you, then open API is the way to go. One more thing to add here is that we've already seen people, I mean, this happened very early. People in the community built like bridges between the two as well. So like, if what you have is an open API specification and no one's, you know, building a custom MCP server for it, there are already like translators that will take that and re-expose it as MCP. And you could do the other direction too. Awesome.Alessio [00:32:43]: Yeah. I think there's the other side of MCPs that people don't talk as much. Okay. I think there's the other side of MCPs that people don't talk as much about because it doesn't go viral, which is building the servers. So I think everybody does the tweets about like connect the cloud desktop to XMCP. It's amazing. How would you guys suggest people start with building servers? I think the spec is like, so there's so many things you can do that. It's almost like, how do you draw the line between being very descriptive as a server developer versus like going back to our discussion before, like just take the data and then let them auto manipulate it later. Do you have any suggestions for people?Justin/David [00:33:16]: I. I think there, I have a few suggestions. I think that one of the best things I think about MCP and something that we got right very early is that it's just very, very easy to build like something very simple that might not be amazing, but it's pretty, it's good enough because models are very good and get this going within like half an hour, you know? And so I think that the best part is just like pick the language of, you know, of your choice that you love the most, pick the SDK for it, if there's an SDK for it, and then just go build a tool of the thing that matters to you personally. And that you want to use. You want to see the model like interact with, build the server, throw the tool in, don't even worry too much about the description just yet, like do a bit of like, write your little description as you think about it and just give it to the model and just throw it to standard IO protocol transport wise into like an application that you like and see it do things. And I think that's part of the magic that, or like, you know, empowerment and magic for developers to get so quickly to something that the model does. Or something that you care about. That I think really gets you going and gets you into this flow of like, okay, I see this thing can do cool things. Now I go and, and can expand on this and now I can go and like really think about like, which are the different tools I want, which are the different raw resources and prompts I want. Okay. Now that I have that. Okay. Now do I, what do my evals look like for how I want this to go? How do I optimize my prompts for the evals using like tools like that? This is infinite depth so that you can do. But. Okay. Just start. As simple as possible and just go build a server in like half an hour in the language of your choice and how the model interacts with the things that matter to you. And I think that's where the fun is at. And I think people, I think a lot of what MCP makes great is it just adds a lot of fun to the development piece to just go and have models do things quickly. I also, I'm quite partial, again, to using AI to help me do the coding. Like, I think even during the initial development process, we realized it was quite easy to basically just take all the SDK code. Again, you know, what David suggested, like, you know, pick the language you care about, and then pick the SDK. And once you have that, you can literally just drop the whole SDK code into an LLM's context window and say, okay, now that you know MCP, build me a server that does that. This, this, this. And like, the results, I think, are astounding. Like, I mean, it might not be perfect around every single corner or whatever. And you can refine it over time. But like, it's a great way to kind of like one shot something that basically does what you want, and then you can iterate from there. And like David said, there has been a big emphasis from the beginning on like making servers as easy and simple to build as possible, which certainly helps with LLMs doing it too. We often find that like, getting started is like, you know, 100, 200 lines of code in the last couple of years. It's really quite easy. Yeah. And if you don't have an SDK, again, give the like, give the subset of the spec that you care about to the model, and like another SDK and just have it build you an SDK. And it usually works for like, that subset. Building a full SDK is a different story. But like, to get a model to tool call in Haskell or whatever, like language you like, it's probably pretty straightforward.swyx [00:36:32]: Yeah. Sorry.Alessio [00:36:34]: No, I was gonna say, I co-hosted a hackathon at the AGI house. I'm a personal agent, and one of the personal agents somebody built was like an MCP server builder agent, where they will basically put the URL of the API spec, and it will build an MCP server for them. Do you see that today as kind of like, yeah, most servers are just kind of like a layer on top of an existing API without too much opinion? And how, yeah, do you think that's kind of like how it's going to be going forward? Just like AI generated, exposed to API that already exists? Or are we going to see kind of like net new MCP experiences that you... You couldn't do before?Justin/David [00:37:10]: I think, go for it. I think both, like, I, I think there, there will always be value in like, oh, I have, you know, I have my data over here, and I want to use some connector to bring it into my application over here. That use case will certainly remain. I think, you know, this, this kind of goes back to like, I think a lot of things today are maybe defaulting to tool use when some of the other primitives would be maybe more appropriate over time. And so it could still be that connector. It could still just be that sort of adapter layer, but could like actually adapt it onto different primitives, which is one, one way to add more value. But then I also think there's plenty of opportunity for use cases, which like do, you know, or for MCP servers that kind of do interesting things in and out themselves and aren't just adapters. Some of the earliest examples of this were like, you know, the memory MCP server, which gives the LLM the ability to remember things across conversations or like someone who's a close coworker built the... I shouldn't have said that, not a close coworker. Someone. Yeah. Built the sequential thinking MCP server, which gives a model the ability to like really think step-by-step and get better at its reasoning capabilities. This is something where it's like, it really isn't integrating with anything external. It's just providing this sort of like way of thinking for a model.Justin/David [00:38:27]: I guess either way though, I think AI authorship of the servers is totally possible. Like I've had a lot of success in prompting, just being like, Hey, I want to build an MCP server that like does this thing. And even if this thing is not. Adapting some other API, but it's doing something completely original. It's usually able to figure that out too. Yeah. I do. I do think that the, to add to that, I do think that a good part of, of what MCP servers will be, will be these like just API wrapper to some degree. Um, and that's good to be valid because that works and it gets you very, very far. But I think we're just very early, like in, in exploring what you can do. Um, and I think as client support for like certain primitives get better, like we can talk about sampling. I'm playing with my favorite topic and greatest frustration at the same time. Um, I think you can just see it very easily see like way, way, way richer experiences and we have, we have built them internally for as prototyping aspects. And I think you see some of that in the community already, but there's just, you know, things like, Hey, summarize my, you know, my, my, my, my favorite subreddits for the morning MCP server that nobody has built yet, but it's very easy to envision. And the protocol can totally do this. And these are like slightly richer experiences. And I think as people like go away from like the, oh, I just want to like, I'm just in this new world where I can hook up the things that matter to me, to the LLM, to like actually want a real workflow, a real, like, like more richer experience that I, I really want exposed to the model. I think then you will see these things pop up, but again, that's a, there's a little bit of a chicken and egg problem at the moment with like what a client supported versus, you know, what servers like authors want to do. Yeah.Alessio [00:40:10]: That, that, that was. That's kind of my next question on composability. Like how, how do you guys see that? Do you have plans for that? What's kind of like the import of MCPs, so to speak, into another MCP? Like if I want to build like the subreddit one, there's probably going to be like the Reddit API, uh, MCP, and then the summarization MCP. And then how do I, how do I do a super MCP?Justin/David [00:40:33]: Yeah. So, so this is an interesting topic and I think there, um, so there, there are two aspects to it. I think that the one aspect is like, how can I build something? I think agentically that you requires an LLM call and like a one form of fashion, like for summarization or so, but I'm staying model independent and for that, that's where like part of this by directionality comes in, in this more rich experience where we do have this facility for servers to ask the client again, who owns the LLM interaction, right? Like we talk about cursor, who like runs the, the, the loop with the LLM for you there that for the server author to ask the client for a completion. Um, and basically have it like summarize something for the server and return it back. And so now what model summarizes this depends on which one you have selected in cursor and not depends on what the author brings. The author doesn't bring an SDK. It doesn't have, you had an API key. It's completely model independent, how you can build this. There's just one aspect to that. The second aspect to building richer, richer systems with MCP is that you can easily envision an MCP server that serves something to like something like cursor or win server. For a cloud desktop, but at the same time, also is an MCP client at the same time and itself can use MCP servers to create a rich experience. And now you have a recursive property, which we actually quite carefully in the design principles, try to retain. You, you know, you see it all over the place and authorization and other aspects, um, to the spec that we retain this like recursive pattern. And now you can think about like, okay, I have, I have this little bundle of applications, both a server and a client. And I can add. Add these in chains and build basically graphs like, uh, DAGs out of MCP servers, um, uh, that can just richly interact with each other. A agentic MCP server can also use the whole ecosystem of MCP servers available to themselves. And I think that's a really cool environment, cool thing you can do. And people have experimented with this. And I think you see hopefully more of this, particularly when you think about like auto-selecting, auto-installing, there's a bunch of these things you can do that make, uh, make a really fun experience. I, I think practically there are some niceties we still need to add to the SDKs to make this really simple and like easy to execute on like this kind of recursive MCP server that is also a client or like kind of multiplexing together the behaviors of multiple MCP servers into one host, as we call it. These are things we definitely want to add. We haven't been able to yet, but like, uh, I think that would go some way to showcasing these things that we know are already possible, but not necessarily taken up that much yet. Okay.swyx [00:43:08]: This is, uh, very exciting. And very, I'm sure, I'm sure a lot of people get very, very, uh, a lot of ideas and inspiration from this. Is an MCP server that is also a client, is that an agent?Justin/David [00:43:19]: What's an agent? There's a lot of definitions of agents.swyx [00:43:22]: Because like you're, in some ways you're, you're requesting something and it's going off and doing stuff that you don't necessarily know. There's like a layer of abstraction between you and the ultimate raw source of the data. You could dispute that. Yeah. I just, I don't know if you have a hot take on agents.Justin/David [00:43:35]: I do think, I do think that you can build an agent that way. For me, I think you need to define the difference between. An MCP server plus client that is just a proxy versus an agent. I think there's a difference. And I think that difference might be in, um, you know, for example, using a sample loop to create a more richer experience to, uh, to, to have a model call tools while like inside that MCP server through these clients. I think then you have a, an actual like agent. Yeah. I do think it's very simple to build agents that way. Yeah. I think there are maybe a few paths here. Like it definitely feels like there's some relationship. Between MCP and agents. One possible version is like, maybe MCP is a great way to represent agents. Maybe there are some like, you know, features or specific things that are missing that would make the ergonomics of it better. And we should make that part of MCP. That's one possibility. Another is like, maybe MCP makes sense as kind of like a foundational communication layer for agents to like compose with other agents or something like that. Or there could be other possibilities entirely. Maybe MCP should specialize and narrowly focus on kind of the AI application side. And not as much on the agent side. I think it's a very live question and I think there are sort of trade-offs in every direction going back to the analogy of the God box. I think one thing that we have to be very careful about in designing a protocol and kind of curating or shepherding an ecosystem is like trying to do too much. I think it's, it's a very big, yeah, you know, you don't want a protocol that tries to do absolutely everything under the sun because then it'll be bad at everything too. And so I think the key question, which is still unresolved is like, to what degree are agents. Really? Really naturally fitting in to this existing model and paradigm or to what degree is it basically just like orthogonal? It should be something.swyx [00:45:17]: I think once you enable two way and once you enable client server to be the same and delegation of work to another MCP server, it's definitely more agentic than not. But I appreciate that you keep in mind simplicity and not trying to solve every problem under the sun. Cool. I'm happy to move on there. I mean, I'm going to double click on a couple of things that I marked out because they coincide with things that we wanted to ask you. Anyway, so the first one is, it's just a simple, how many MCP things can one implementation support, you know, so this is the, the, the sort of wide versus deep question. And, and this, this is direct relevance to the nesting of MCPs that we just talked about in April, 2024, when, when Claude was launching one of its first contexts, the first million token context example, they said you can support 250 tools. And in a lot of cases, you can't do that. You know, so to me, that's wide in, in the sense that you, you don't have tools that call tools. You just have the model and a flat hierarchy of tools, but then obviously you have tool confusion. It's going to happen when the tools are adjacent, you call the wrong tool. You're going to get the bad results, right? Do you have a recommendation of like a maximum number of MCP servers that are enabled at any given time?Justin/David [00:46:32]: I think be honest, like, I think there's not one answer to this because to some extent, it depends on the model that you're using. To some extent, it depends on like how well the tools are named and described for the model and stuff like that to avoid confusion. I mean, I think that the dream is certainly like you just furnish all this information to the LLM and it can make sense of everything. This, this kind of goes back to like the, the future we envision with MCP is like all this information is just brought to the model and it decides what to do with it. But today the reality or the practicalities might mean that like, yeah, maybe you, maybe in your client application, like the AI application, you do some fill in the blanks. Maybe you do some filtering over the tool set or like maybe you, you run like a faster, smaller LLM to like filter to what's most relevant and then only pass those tools to the bigger model. Or you could use an MCP server, which is a proxy to other MCP servers and does some filtering at that level or something like that. I think hundreds, as you referenced, is still a fairly safe bet, at least for Claude. I can't speak to the other models, but yeah, I don't know. I think over time we should just expect this to get better. So we're wary of like constraining anything and preventing that. Sort of long. Yeah, and obviously it highly, it highly depends on the overlap of the description, right? Like if you, if you have like very separate servers that do very separate things and the tools have very clear unique names, very clear, well-written descriptions, you know, your mileage might be more higher than if you have a GitLab and a GitHub server at the same time in your context. And, and then the overlap is quite significant because they look very similar to the model and confusion becomes easier. There's different considerations too. Depending on the AI application, if you're, if you're trying to build something very agentic, maybe you are trying to minimize the amount of times you need to go back to the user with a question or, you know, minimize the amount of like configurability in your interface or something. But if you're building other applications, you're building an IDE or you're building a chat application or whatever, like, I think it's totally reasonable to have affordances that allow the user to say like, at this moment, I want this feature set or at this different moment, I want this different feature set or something like that. And maybe not treat it as like always on. The full list always on all the time. Yeah.swyx [00:48:42]: That's where I think the concepts of resources and tools get to blend a little bit, right? Because now you're saying you want some degree of user control, right? Or application control. And other times you want the model to control it, right? So now we're choosing just subsets of tools. I don't know.Justin/David [00:49:00]: Yeah, I think it's a fair point or a fair concern. I guess the way I think about this is still like at the end of the day, and this is a core MCP design principle is like, ultimately, the concept of a tool is not a tool. It's a client application, and by extension, the user. Ultimately, they should be in full control of absolutely everything that's happening via MCP. When we say that tools are model controlled, what we really mean is like, tools should only be invoked by the model. Like there really shouldn't be an application interaction or a user interaction where it's like, okay, as a user, I now want you to use this tool. I mean, occasionally you might do that for prompting reasons, but like, I think that shouldn't be like a UI affordance. But I think the client application or the user deciding to like filter out the user, it's not a tool. I think the client application or the user deciding to like filter out things that MCP servers are offering, totally reasonable, or even like transform them. Like you could imagine a client application that takes tool descriptions from an MCP server and like enriches them, makes them better. We really want the client applications to have full control in the MCP paradigm. That in addition, though, like I think there, one thing that's very, very early in my thinking is there might be a addition to the protocol where you want to give the server author the ability to like logically group certain primitives together, potentially. Yeah. To inform that, because they might know some of these logical groupings better, and that could like encompasses prompts, resources, and tools at the same time. I mean, personally, we can have a design discussion on there. I mean, personally, my take would be that those should be separate MCP servers, and then the user should be able to compose them together. But we can figure it out.Alessio [00:50:31]: Is there going to be like a MCP standard library, so to speak, of like, hey, these are like the canonical servers, do not build this. We're just going to take care of those. And those can be maybe the building blocks that people can compose. Or do you expect people to just rebuild their own MCP servers for like a lot of things?Justin/David [00:50:49]: I think we will not be prescriptive in that sense. I think there will be inherently, you know, there's a lot of power. Well, let me rephrase it. Like, I have a long history in open source, and I feel the bizarre approach to this problem is somewhat useful, right? And I think so that the best and most interesting option wins. And I don't think we want to be very prescriptive. I will definitely foresee, and this already exists, that there will be like 25 GitHub servers and like 25, you know, Postgres servers and whatnot. And that's all cool. And that's good. And I think they all add in their own way. But effectively, eventually, over months or years, the ecosystem will converge to like a set of very widely used ones who basically, I don't know if you call it winning, but like that will be the most used ones. And I think that's completely fine. Because being prescriptive about this, I don't think it's any useful, any use. I do think, of course, that there will be like MCP servers, and you see them already that are driven by companies for their products. And, you know, they will inherently be probably the canonical implementation. Like if you want to work with Cloudflow workers and use an MCP server for that, you'll probably want to use the one developed by Cloudflare. Yeah. I think there's maybe a related thing here, too, just about like one big thing worth thinking about. We don't have any like solutions completely ready to go. It's this question of like trust or like, you know, vetting is maybe a better word. Like, how do you determine which MCP servers are like the kind of good and safe ones to use? Regardless of if there are any implementations of GitHub MCP servers, that could be totally fine. But you want to make sure that you're not using ones that are really like sus, right? And so trying to think about like how to kind of endow reputation or like, you know, if hypothetically. Anthropic is like, we've vetted this. It meets our criteria for secure coding or something. How can that be reflected in kind of this open model where everyone in the ecosystem can benefit? Don't really know the answer yet, but that's very much top of mind.Alessio [00:52:49]: But I think that's like a great design choice of MCPs, which is like language agnostic. Like already, and there's not, to my knowledge, an Anthropic official Ruby SDK, nor an OpenAI SDK. And Alex Roudal does a great job building those. But now with MCPs is like. You don't actually have to translate an SDK to all these languages. You just do one, one interface and kind of bless that interface as, as Anthropic. So yeah, that was, that was nice.swyx [00:53:18]: I have a quick answer to this thing. So like, obviously there's like five or six different registries already popped up. You guys announced your official registry that's gone away. And a registry is very tempting to offer download counts, likes, reviews, and some kind of trust thing. I think it's kind of brittle. Like no matter what kind of social proof or other thing you can, you can offer, the next update can compromise a trusted package. And actually that's the one that does the most damage, right? So abusing the trust system is like setting up a trust system creates the damage from the trust system. And so I actually want to encourage people to try out MCP Inspector because all you got to do is actually just look at the traffic. And like, I think that's, that goes for a lot of security issues.Justin/David [00:54:03]: Yeah, absolutely. Cool. And then I think like that's very classic, just supply chain problem that like all registries effectively have. And the, you know, there are different approaches to this problem. Like you can take the Apple approach and like vet things and like have like an army of, of both automated system and review teams to do this. And then you effectively build an app store, right? That's, that's one approach to this type of problem. It kind of works in, you know, in a very set, certain set of ways. But I don't think it works in an open source kind of ecosystem for which you always have a registry kind of approach, like similar to MPM and packages and PiPi.swyx [00:54:36]: And they all have inherently these, like these, these supply chain attack problems, right? Yeah, yeah, totally. Quick time check. I think we're going to go for another like 20, 25 minutes. Is that okay for you guys? Okay, awesome. Cool. I wanted to double click, take the time. So I'm going to sort of, we previewed a little bit on like the future coming stuff. So I want to leave the future coming stuff to the end, like registry, the, the, the stateless servers and remote servers, all the other stuff. But I wanted to double click a little bit. A little bit more on the launch, the core servers that are part of the official repo. And some of them are special ones, like the, like the ones we already talked about. So let me just pull them up already. So for example, you mentioned memory, you mentioned sequential thinking. And I think I really, really encourage people should look at these, what I call special servers. Like they're, they're not normal servers in the, in the sense that they, they wrap some API and it's just easier to interact with those than to work at the APIs. And so I'll, I'll highlight the, the memory one first, just because like, I think there are, there are a few memory startups, but actually you don't need them if you just use this one. It's also like 200 lines of code. It's super simple. And, and obviously then if you need to scale it up, you should probably do some, some more battle tested thing. But if you're interested, if you're just introducing memory, I think this is a really good implementation. I don't know if there's like special stories that you want to highlight with, with some of these.Justin/David [00:56:00]: I think, no, I don't, I don't think there's special stories. I think a lot of these, not all of them, but a lot of them originated from that hackathon that I mentioned before, where folks got excited about the idea of MCP. People internally inside Anthropik who wanted to have memory or like wanted to play around with the idea could quickly now prototype something using MCP in a way that wasn't possible before. Someone who's not like, you know, you don't have to become the, the end to end expert. You don't have access. You don't have to have access to this. Like, you know. You don't have to have this private, you know, proprietary code base. You can just now extend cloud with this memory capability. So that's how a lot of these came about. And then also just thinking about like, you know, what is the breadth of functionality that we want to demonstrate at launch?swyx [00:56:47]: Totally. And I think that is partially why it made your launch successful because you launch with a sufficiently spanning set of here's examples and then people just copy paste and expand from there. I would also highligh

Join Pascal and Sabrina on the latest Meta Tech Podcast episode as they discuss the evolution and future of GraphQL. From client-side consistency to innovative APIs, learn how GraphQL is making developers' lives easier and enhancing user experiences. Discover surprising insights into the challenges of building a mobile GraphQL platform and how it's transforming product development at Meta.  Got feedback? Send it to us on Threads (https://threads.net/@metatechpod), Instagram (https://instagram.com/metatechpod) and don't forget to follow our host Pascal (https://mastodon.social/@passy, https://threads.net/@passy_). Fancy working with us? Check out https://www.metacareers.com/. Links GraphQL: https://graphql.org/  Relay: https://relay.dev/  Sabrina at GraphQL Conf 2024: https://www.youtube.com/watch?v=PGBC-0E-kco  Timestamps Intro 0:06 Introduction Sabrina 1:42 Sabrina's team 2:47 What's GraphQL? 3:18 Relay and Mobile GraphQL Clients 4:01 GraphQL Consistency Engine 4:54 Pando Mobile GraphQL Client 7:16 Interfacing with Pando 8:03 Code generation 9:14 Inventing new features 10:43 The hidden complexity behind pagination 11:52 Working inside the GraphQL spec 16:00 Complexity tradeoffs 18:30 State of GraphQL at Meta 21:16 Measuring success 24:58 Optimistic Mutations 27:31 Collaboration model 31:42 Preventing early adoption 34:43 The challenge of migrating FBApp 37:10 What's next for mobile GraphQL? 40:22 Outro 41:54  

Karina Nguyen leads research at OpenAI, where she's been pivotal in developing groundbreaking products like Canvas, Tasks, and the o1 language model. Before OpenAI, Karina was at Anthropic, where she led post-training and evaluation work for Claude 3 models, created a document upload feature with 100,000 context windows, and contributed to numerous other innovations. With experience as an engineer at the New York Times and as a designer at Dropbox and Square, Karina has a rare firsthand perspective on the cutting edge of AI and large language models. In our conversation, we discuss:• How OpenAI builds product• What people misunderstand about AI model training• Differences between how OpenAI and Anthropic operate• The role of synthetic data in model development• How to build trust between users and AI models• Why she moved from engineering to research• Much more—Brought to you by:• Enterpret—Transform customer feedback into product growth• Vanta—Automate compliance. Simplify security• Loom—The easiest screen recorder you'll ever use—Find the transcript at: https://www.lennysnewsletter.com/p/why-soft-skills-are-the-future-of-work-karina-nguyen—Where to find Karina Nguyen:• X: https://x.com/karinanguyen_• LinkedIn: https://www.linkedin.com/in/karinanguyen28• Website: https://karinanguyen.com/—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Introduction to Karina Nguyen(04:42) Challenges in model training(08:21) Synthetic data and its importance(12:38) Creating Canvas(18:33) Day-to-day operations at OpenAI(20:28) Writing evaluations(23:22) Prototyping and product development(26:57) Building Canvas and Tasks(33:34) Understanding the job of a researcher(35:36) The future of AI and its impact on work and education(42:15) Soft skills in the age of AI(47:50) AI's role in creativity and strategy development(53:34) Comparing Anthropic and OpenAI(57:11) Innovations and future visions(01:07:13) The potential of AI agents(01:11:36) Final thoughts and career advice—Referenced:• What's in your stack: The state of tech tools in 2025: https://www.lennysnewsletter.com/p/whats-in-your-stack-the-state-of• Anthropic: https://www.anthropic.com/• OpenAI: https://openai.com/• What is synthetic data—and how can it help you competitively?: https://mitsloan.mit.edu/ideas-made-to-matter/what-synthetic-data-and-how-can-it-help-you-competitively• GPQA: https://datatunnel.io/glossary/gpqa/• Canvas: https://openai.com/index/introducing-canvas/• Barret Zoph on LinkedIn: https://www.linkedin.com/in/barret-zoph-65990543/• Mira Murati on LinkedIn: https://www.linkedin.com/in/mira-murati-4b39a066/• JSON Schema: https://json-schema.org/• Anthropic—100K Context Windows: https://www.anthropic.com/news/100k-context-windows• Claude 3 Haiku: https://www.anthropic.com/news/claude-3-haiku• A.I. Chatbots Defeated Doctors at Diagnosing Illness: https://www.nytimes.com/2024/11/17/health/chatgpt-ai-doctors-diagnosis.html• Cursor: https://www.cursor.com/• How AI will impact product management: https://www.lennysnewsletter.com/p/how-ai-will-impact-product-management• Lee Byron on LinkedIn: https://www.linkedin.com/in/lee-byron/• GraphQL: https://graphql.org/• Claude in Slack: https://www.anthropic.com/claude-in-slack• Sam Altman on X: https://x.com/sama• Jakub Pachocki on LinkedIn: https://www.linkedin.com/in/jakub-pachocki/• Lennybot: https://www.lennybot.com/• ElevenLabs: https://elevenlabs.io/• Westworld on Prime Video: https://www.amazon.com/Westworld-Season-1/dp/B01N05UD06• A conversation with OpenAI's CPO Kevin Weil, Anthropic's CPO Mike Krieger, and Sarah Guo: https://www.youtube.com/watch?v=IxkvVZua28k• Tuple: https://tuple.app/• How Shopify builds a high-intensity culture | Farhan Thawar (VP and Head of Eng): https://www.lennysnewsletter.com/p/how-shopify-builds-a-high-intensity-culture-farhan-thawar—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.—Lenny may be an investor in the companies discussed. Get full access to Lenny's Newsletter at www.lennysnewsletter.com/subscribe

Hoje o papo é sobre GraphQL no mobile. Neste episódio, conversamos sobre o histórico do GraphQL, desde os problemas que ele veio para resolver, até ecossistema, o que é (e o que não é) responsabilidade do GraphQL, vantagens e desvantagens do uso de GraphQL versus REST, e muito mais. Vem ver quem participou desse papo: André David, o host que já é o tradicional co-host Vinny Neves, Líder de Front-End na Alura Yago Oliveira, Coordenador de Conteúdo Técnico na Alura William Bezerra, Instrutor na Alura e Engenheiro Sênior no QuintoAndar

In this special episode of Watson Weekly, Rick Watson is joined by Kelly Goetsch, a Commercetools Advisor and industry thought leader. Kelly shares his unique insights into the evolving landscape of e-commerce, focusing on the intersection of technology and healthcare. Together, they explore key topics like consumer behavior trends, the growing role of composable commerce, and the untapped opportunities in health tech. From tackling HIPAA compliance to redefining retail experiences, this episode dives deep into the transformative potential of technology across industries. Don't miss this engaging discussion packed with expertise and forward-thinking strategies.About Kelly - Kelly Goetsch is a commercetools Advisor. Until January 2025, Kelly was the company's Chief Strategy Officer, and prior to that, he served as the Chief Product Officer at commercetools for nearly six years. Goetsch is an industry thought-leader who champions the MACH (Microservices, API, Cloud-Native, and Headless) movement, and co-founded the MACH Alliance, a group of 100+ independent, future-thinking tech companies dedicated to advocating for open, best-of-breed technology ecosystems. Prior to commercetools, Goetsch held senior-level product development and go-to-market responsibilities at Oracle and held the role of Senior Architect ATG (acquired by Oracle), where he was instrumental to 31 large-scale ATG implementationsHe is the author of four books - GraphQL for Modern Commerce (O'Reilly, 2020), APIs for Modern Commerce (O'Reilly, 2017), Microservices for Modern Commerce (O'Reilly, 2016) and E-Commerce in the Cloud (O'Reilly, 2014). He holds three patents, including one key to distributed computing.

Joël and Stephanie go back to fundamentals as they pick apart some recent conversations they've been having around the office. Together they discuss the advantages of GraphQL over a REST API, how they utilise JSONB over a regular column or table, and the use-cases for and against a frontend framework like React. But what's the theme that ties all these conversations together? — The article mentioned in this episode was Why I'm over GraphQL (https://bessey.dev/blog/2024/05/24/why-im-over-graphql/) Your hosts for this episode have been thoughtbot's own Stephanie Minn and Joël Quenneville (https://www.linkedin.com/in/joel-quenneville-96b18b58/). If you would like to support the show, head over to our GitHub page (https://github.com/sponsors/thoughtbot), or check out our website (https://bikeshed.thoughtbot.com). Got a question or comment about the show? Why not write to our hosts: hosts@bikeshed.fm This has been a thoughtbot (https://thoughtbot.com/) podcast. Stay up to date by following us on social media - LinkedIn (https://www.linkedin.com/company/150727/) - Mastodon (https://thoughtbot.social/@thoughtbot) - Instagram (https://www.instagram.com/thoughtbot/) © 2024 thoughtbot, inc.

Scott and Wes talk with Søren Bramer Schmidt, Founder and CEO of Prisma, about database best practices, including the latest developments in serverless, local-first, and typed SQL solutions. Show Notes 00:00 Welcome to Syntax! 02:55 Søren's thoughts on GraphQL 03:53 Brought to you by Sentry.io 06:57 Common database mistakes 08:52 Prisma's stability and user experience 10:42 Typed SQL and advanced querying Announcing TypedSQL: Make your raw SQL queries type-safe with Prisma ORM Prisma Optimize 20:47 Serverless challenges and solutions Prisma Accelerate 27:11 Cloudflare's potential to dethrone AWS 29:13 Prisma and local-first development Prisma & Expo: A Better Path to Local-First Apps | App.js Conf 2024 35:30 Making local-first development mainstream 40:10 Challenges with async 42:43 Søren's thoughts on Drizzle 43:41 Søren's favorite database 47:21 The read your writes problem 48:58 Prisma hosted Postgres 51:44 Sick Picks & Shameless Plugs Sick Picks Søren: Cursor Shameless Plugs Søren: 1: Prisma Optimize 2: Prisma Postgres (coming soon) Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

GraphQL is an open-source query language for APIs and a runtime for executing those queries. It was developed by Facebook to address the problem of over-fetching or under-fetching data, which is a common issue with traditional REST APIs. Matt Bessey is a Principal Engineer and Software Architect. Earlier this year Matt wrote a blog post The post The End of GraphQL with Matt Bessey appeared first on Software Engineering Daily.